www.flaresenha.com Open in urlscan Pro
190.89.239.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.flaresenha.com/
Submission: On January 12 via manual (January 12th 2023, 5:26:30 pm UTC) from BR — Scanned from DE

Summary HTTP 304 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 42 domains to perform 304 HTTP transactions. The main IP is 190.89.239.168, located in Brazil and belongs to HVC-AS, US. The main domain is www.flaresenha.com.
TLS certificate: Issued by R3 on December 20th 2022. Valid for: 3 months.

This is the only time www.flaresenha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	190.89.239.168 190.89.239.168	29802 (HVC-AS) (HVC-AS)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	190.89.238.70 190.89.238.70	28209 (Under Ser...) (Under Servicos de Internet Ltda)
3	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
2	190.89.239.12 190.89.239.12	29802 (HVC-AS) (HVC-AS)
15	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	92.123.36.4 92.123.36.4	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2606:4700:e6:... 2606:4700:e6::ac40:c109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	85.17.31.162 85.17.31.162	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2606:4700::68... 2606:4700::6812:18f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
1	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223d:e400:17:1c9a:3a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	213.227.149.183 213.227.149.183	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 6	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
1 27	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	3.10.72.72 3.10.72.72	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 11	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:9223:c75b:4ef4:75e	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:214... 2600:9000:214f:200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
4	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:9040	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	18.159.161.163 18.159.161.163	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:1::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
304	60

48 190.89.239.168 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us310.serverdo.in

www.flaresenha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.89.238.70 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br42.serverdo.in

tags.juicebarads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.89.239.12 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us250.serverdo.in

controle.flaresenha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:e6::ac40:c109 (United States)

ASN13335 (CLOUDFLARENET, US)

www.chatbro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lpgs.chatbro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.17.31.162 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.fsmads.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.fsmads.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:e400:17:1c9a:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

intersc.igaming-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.trafficdok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:806::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:400d:805::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.72.72 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-72-72.eu-west-2.compute.amazonaws.com

ip-api.igaming-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9223:c75b:4ef4:75e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt-11382-4.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9040 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

video-native.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

vast.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.161.163 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-161-163.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.141 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4001:803::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:1::8 (Ireland)

ASN15169 (GOOGLE, US)

rr3---sn-5hnekn7d.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	622 KB
50	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 pubads.g.doubleclick.net — Cisco Umbrella Rank: 429	372 KB
50	flaresenha.com www.flaresenha.com controle.flaresenha.com	1 MB
31	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8427 c.mgid.com — Cisco Umbrella Rank: 6152 cdn.mgid.com — Cisco Umbrella Rank: 11429 servicer.mgid.com — Cisco Umbrella Rank: 8597 s-img.mgid.com — Cisco Umbrella Rank: 5317 cm.mgid.com — Cisco Umbrella Rank: 1200 video-native.mgid.com — Cisco Umbrella Rank: 112139	492 KB
29	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com csi.gstatic.com	556 KB
13	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1966	10 KB
8	chatbro.com www.chatbro.com — Cisco Umbrella Rank: 94787 lpgs.chatbro.com — Cisco Umbrella Rank: 99485	124 KB
7	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 60872 d.tailtarget.com — Cisco Umbrella Rank: 69961 b.t.tailtarget.com — Cisco Umbrella Rank: 54502 tt-11382-4.seg.t.tailtarget.com t.tailtarget.com — Cisco Umbrella Rank: 6687	32 KB
7	google.de adservice.google.de — Cisco Umbrella Rank: 8253 www.google.de — Cisco Umbrella Rank: 5880	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 446	350 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 377	109 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	242 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1395 sync.teads.tv — Cisco Umbrella Rank: 1198 t.teads.tv — Cisco Umbrella Rank: 2696	132 KB
3	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 13495	745 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 691	868 B
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 29394 ui.cleverwebserver.com — Cisco Umbrella Rank: 29520 call.cleverwebserver.com — Cisco Umbrella Rank: 30693	47 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 332	1015 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 561	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	aniview.com vast.aniview.com — Cisco Umbrella Rank: 8472	502 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1085 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1328	691 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 963 id5-sync.com — Cisco Umbrella Rank: 399	17 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	150 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 705 s.tribalfusion.com — Cisco Umbrella Rank: 1799	1 KB
2	igaming-service.io intersc.igaming-service.io — Cisco Umbrella Rank: 87635 ip-api.igaming-service.io — Cisco Umbrella Rank: 91208	8 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	fsmads.biz cdn.fsmads.biz z.cdn.fsmads.biz	5 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 76
1	googlevideo.com rr3---sn-5hnekn7d.googlevideo.com — Cisco Umbrella Rank: 66137
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1533	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 984	356 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1389	628 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 294	17 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 478	72 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 673	441 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 310	464 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 412	715 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	863 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	38 KB
1	trafficdok.com z.cdn.trafficdok.com — Cisco Umbrella Rank: 285599
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 817	647 B
1	juicebarads.com tags.juicebarads.com — Cisco Umbrella Rank: 798556	14 KB
304	42

	Domain	Requested by
48	www.flaresenha.com	www.flaresenha.com
27	tpc.googlesyndication.com	1 redirects 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com googleads.g.doubleclick.net www.flaresenha.com securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
24	pagead2.googlesyndication.com	www.flaresenha.com pagead2.googlesyndication.com www.googletagservices.com tags.juicebarads.com www.gstatic.com 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
23	securepubads.g.doubleclick.net	www.flaresenha.com securepubads.g.doubleclick.net www.googletagservices.com 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
14	s-img.mgid.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.flaresenha.com
11	cm.g.doubleclick.net	1 redirects www.flaresenha.com googleads.g.doubleclick.net 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
10	www.gstatic.com	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	www.chatbro.com	www.flaresenha.com
6	www.google.com	2 redirects www.flaresenha.com googleads.g.doubleclick.net tpc.googlesyndication.com 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com
5	c.mgid.com	jsc.mgid.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	encrypted-tbn0.gstatic.com	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	cdn.mgid.com	jsc.mgid.com
4	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.flaresenha.com googleads.g.doubleclick.net 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
3	csi.gstatic.com	imasdk.googleapis.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	cl.imghosts.com
3	onetag-sys.com	2 redirects
3	encrypted-tbn1.gstatic.com	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
3	encrypted-tbn2.gstatic.com	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
3	imasdk.googleapis.com	www.flaresenha.com imasdk.googleapis.com
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	vast.aniview.com	video-native.mgid.com
2	video-native.mgid.com	jsc.mgid.com video-native.mgid.com
2	cm.mgid.com	jsc.mgid.com
2	servicer.mgid.com	jsc.mgid.com
2	b.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.flaresenha.com d.tailtarget.com
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
2	t.teads.tv	www.flaresenha.com
2	www.google-analytics.com	www.flaresenha.com www.google-analytics.com
2	a.teads.tv	www.flaresenha.com a.teads.tv
2	jsc.mgid.com	www.flaresenha.com jsc.mgid.com
2	controle.flaresenha.com	www.flaresenha.com
1	www.youtube.com
1	rr3---sn-5hnekn7d.googlevideo.com
1	t.tailtarget.com
1	rtb.openx.net	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
1	odr.mookie1.com
1	dsp.adfarm1.adition.com	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	s0.2mdn.net	imasdk.googleapis.com
1	tt-11382-4.seg.t.tailtarget.com	d.tailtarget.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	www.flaresenha.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ip-api.igaming-service.io	intersc.igaming-service.io
1	encrypted-tbn3.gstatic.com	7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
1	call.cleverwebserver.com	www.flaresenha.com
1	tags.t.tailtarget.com	www.flaresenha.com
1	www.googletagmanager.com	tags.juicebarads.com
1	fundingchoicesmessages.google.com	tags.juicebarads.com
1	www.google.de	www.flaresenha.com
1	z.cdn.trafficdok.com	cdn.fsmads.biz
1	intersc.igaming-service.io	www.flaresenha.com
1	sync.teads.tv	a.teads.tv
1	stats.g.doubleclick.net	www.google-analytics.com
1	ui.cleverwebserver.com	www.flaresenha.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	scripts.cleverwebserver.com	www.flaresenha.com
1	lpgs.chatbro.com	www.flaresenha.com
1	z.cdn.fsmads.biz	cdn.fsmads.biz
1	cdn.fsmads.biz	www.flaresenha.com
1	tags.juicebarads.com	www.flaresenha.com
304	79

This site contains links to these domains. Also see Links.

Domain
br.odds.dog
pt.johnnybet.com
www.flashscore.com.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.casasdeapostasbrasil.com
www.futeboleiro.com
www.chatbro.com

Subject Issuer	Validity	Valid
flaresenha.com R3	`2022-12-20` - `2023-03-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.tags.juicebarads.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-11` - `2023-08-11`	a year	crt.sh
controle.flaresenha.com R3	`2022-12-12` - `2023-03-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
fsmads.biz R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.igaming-service.io Sectigo RSA Domain Validation Secure Server CA	`2022-07-25` - `2023-08-05`	a year	crt.sh
*.cdn.trafficdok.com Go Daddy Secure Certificate Authority - G2	`2022-04-07` - `2023-04-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2022-09-13` - `2023-10-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-01-03` - `2023-03-14`	2 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.flaresenha.com/
Frame ID: 4E73F4BE5DFCE30B10CF7F9B91457707
Requests: 175 HTTP requests in this frame

Frame: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9A3A383F7AF0EA56CC8D57AE5C02E0AA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnfj9jmFSCtKfX2PTr28MEfCrxtISF9PPVIxjvaHbfmROYRBuS9KcwepfaiLswh0M11R4z7KXA_Zds9t9RDeBoT2-ftT6RKrad431KQccWq0q594Om3Uw54zaA7YajcEAUyne34255VOhqvM7uqp-Y9hV28bsU22DeMA-tUKlNbhsG7FRaUydmAVBb-ggUzHvX0kDZHlDAhrhjWgKvPPkUVcIrMO9In8ugtTKwV8_S7J9KugpJaEW2eDWTRp3rkhcSuwyJoNAzBmFTB2CvTF4wmPwBWrJbYb-L11t6hyCide_KgeCZgQ3gkJzRZUmFIt_8qoRGLzv8_an9z9uQHQ&sai=AMfl-YRh3PbQowOV9GXI8RZQdFLdBWN3kPHNsvKMafQUK9zW2mEuaWdf9zoCpPHvpophn_FHLAFxOZDgvKUGJAZsBUvc1dMRu9jGp1HDf7bJx4zh_HFts7HB-J40ZiWmfbl84CSAXW0oWHTJ28pOkgfsGLQ&sig=Cg0ArKJSzKj9WPlye7nkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C48FE28E3275328953BEE6E08592FB6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20190131/zrt_lookup.html
Frame ID: 972F0A8A5C299555CC58A70E485D8E31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1673530976&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.flaresenha.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673544381203&bpp=3&bdt=1152&idt=220&shv=r20230110&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&cookie=ID%3D81117219a15a50d1%3AT%3D1673544380%3AS%3DALNI_Mb04JiP5QF_7r6cd4M42hByVczutA&gpic=UID%3D00000bc021ab5b6d%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MYxgh3B8DVpUpyvLIAK5TfjbuLA-Q&nras=1&correlator=7643178354187&frm=20&pv=2&ga_vid=741293778.1673544381&ga_sid=1673544381&ga_hid=2141775897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071383%2C44779794&oid=2&pvsid=1036440414456943&tmod=1512204912&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=239
Frame ID: 0837E4B2B67C4A8F6F59D088455A23C2
Requests: 1 HTTP requests in this frame

Frame: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E6D6876186C3E5B60CB0F93B5489C333
Requests: 17 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 782CF35D5EE010A7241D84ADEFAF3259
Requests: 1 HTTP requests in this frame

Frame: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1F66FE895BEB203B41A685732B51D6C
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4F9B88BB344ECCFC782DAEA12735D373
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: 19A1FDEEF9BAFAF0C67FA73E6D67C282
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211111611000/amp4ads-v0.mjs
Frame ID: 836B345B3B94064AB0550A30886A62E9
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: 95E4B15421B42F07295CF4D0AF26C296
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6B0BAEF44B0DF8E5BB0745822D2554FE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB132CF68BE329B33CBAE821FAA514E4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BA1799D2B4E9CC96F8CC9B8A9C0B6B1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: CE7FF75E6528DFC799414EA33C9AD8D6
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1673544383385128501429
Frame ID: F75C2DA49242E8663D283AAE63E790A9
Requests: 1 HTTP requests in this frame

Frame: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FBA0B2DBE3B45CF287C448114659C664
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C422AC3C8A2AB44871AED820A81CE62
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 147331BF92CC71E33519B0C6DFF8348F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
Frame ID: C9E13A2B559E20B72228E6884147B2D1
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 164F9757BD064B30D28D063555F891DD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: FDCC98BD2B737185BC2F6E705B50E371
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 3BA2882BBF40C00CF764D816479B6EF6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fla Resenha | Flamengo

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

304
Requests

94 %
HTTPS

61 %
IPv6

42
Domains

79
Subdomains

60
IPs

10
Countries

5271 kB
Transfer

16164 kB
Size

41
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://br.odds.dog/blog/2022/09/07/esporte-bet-pre-aposta/
Title: Esporte Bet Pré Aposta

Search URL Search Domain Scan URL

URL: https://pt.johnnybet.com/
Title: JohnnyBet

Search URL Search Domain Scan URL

URL: https://www.flashscore.com.br/equipe/flamengo/WjxY29qB/
Title: Resultados do Flamengo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/xresenhacrf

Search URL Search Domain Scan URL

URL: https://twitter.com/SiteResenha

Search URL Search Domain Scan URL

URL: https://www.instagram.com/OFlaResenha/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCiHkjDj2ljgIbiv_zUvdG6g?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.casasdeapostasbrasil.com/odds-aumentadas/
Title: odds aumentadas nas casasdeapostasbrasil.com

Search URL Search Domain Scan URL

URL: https://www.futeboleiro.com/
Title: futeboleiro.com

Search URL Search Domain Scan URL

URL: https://www.chatbro.com/
Title: ChatBro.com © 2023rev 2023-01-05 3:53:24

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 190

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDPMWa7UNR-cYv8ju-WKqEM&google_cver=1&google_push=AavPq0MEc4CVgaD6ZHd9MkJCc9UInm9X_7a3i8f2T6huQIJXKHuThR9pazfGSFfWiIi5fMPYdfXOVMtKLYHMzxdx4Uhq3AsfFTHiSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MEc4CVgaD6ZHd9MkJCc9UInm9X_7a3i8f2T6huQIJXKHuThR9pazfGSFfWiIi5fMPYdfXOVMtKLYHMzxdx4Uhq3AsfFTHiSg

Request Chain 191

https://a.tribalfusion.com/i.match?p=b6&u=CAESECDJ2Dn5XuQ9Y-SjlRGflHo&google_cver=1&google_push=AavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECDJ2Dn5XuQ9Y-SjlRGflHo&google_cver=1&google_push=AavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 192

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIuiPCJx8OQ0IrPa8nz-bdQ&google_cver=1&google_push=AavPq0Pl_zcVXJU1WmeqOXp66vDkIK1IisZmYtbPfQ-kZEdfkdU2MvA3sDXAH9FKn_Chd23lJ8Km9NOTkROQLIkigj_UsZbSU1_QPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Pl_zcVXJU1WmeqOXp66vDkIK1IisZmYtbPfQ-kZEdfkdU2MvA3sDXAH9FKn_Chd23lJ8Km9NOTkROQLIkigj_UsZbSU1_QPg&google_hm=eS1uS1VhX0FSRTJwRnp1UjFWbTdQU3R6V3JKbkg5eDMzUH5B

Request Chain 193

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECn3CmxL7Bkzsk6RMRm7QTQ&google_cver=1&google_push=AavPq0MivSIWivseeNwyslYeu_kIRa7jz3KMkpEi5Ci4yl4e5oRfWdmFDRLnwXUOCz_KG8lYTDqIYtBzGStS9MCVZL9JCRPizrgB0XI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENURDQ2MjgtMUotMVdPRw==&google_push=AavPq0MivSIWivseeNwyslYeu_kIRa7jz3KMkpEi5Ci4yl4e5oRfWdmFDRLnwXUOCz_KG8lYTDqIYtBzGStS9MCVZL9JCRPizrgB0XI

Request Chain 194

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEunNnU8GAnL5K2OIsnTGqA&google_cver=1&google_push=AavPq0Ou0D5_tkcNZrv_QMzwe5Q3cRU9964dvHHDcGFubBHnON4n1sCbczKTVn9LfckKu9zm85tlG2ugk2l6vb60U9K6FoJZwHHg6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Ou0D5_tkcNZrv_QMzwe5Q3cRU9964dvHHDcGFubBHnON4n1sCbczKTVn9LfckKu9zm85tlG2ugk2l6vb60U9K6FoJZwHHg6A

Request Chain 195

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE5pq1NJH_QOKAJI_EPSwfM&google_cver=1&google_push=AavPq0NXNcB0w10qxmyhqQmM2iXuHbdDSwYkE47gQphFjuL4iET2OQ7UYzYscO3womHjA2rP0ZggNe2-OXC8cY0hOOTgHYtz2QGGoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NXNcB0w10qxmyhqQmM2iXuHbdDSwYkE47gQphFjuL4iET2OQ7UYzYscO3womHjA2rP0ZggNe2-OXC8cY0hOOTgHYtz2QGGoQ

Request Chain 198

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 200

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 260

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 274

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEM0KXPGigGy5gxzCD32qd60&google_cver=1&google_push=AavPq0M2KksoOWBMhfSD1-5z0AS14S-Q2rn61ZfAgwkd8LgB823WQjfhi-ePvCk9vGR721BLlvCds31Rtbl2TZUPDOezuJCJxcbFgxH6plZw7MOnlUWFdlpLPBGsfbwzGgPnRzxklMEHn5RF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NzgxODM5NzY4NjgyMzA2NA%3D%3D&google_push=AavPq0M2KksoOWBMhfSD1-5z0AS14S-Q2rn61ZfAgwkd8LgB823WQjfhi-ePvCk9vGR721BLlvCds31Rtbl2TZUPDOezuJCJxcbFgxH6plZw7MOnlUWFdlpLPBGsfbwzGgPnRzxklMEHn5RF

Request Chain 275

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELlquYQuWUOGnTSUIQc7K6Q&google_cver=1&google_push=AavPq0PMr-f73m_5Tnll3C66vKv7XB6UM929ylmQeY8SDx_oPqNq_kv-9nMAW1tgKGxt03eHSxUaQ_dLEUGP0daee_-oiEIl2c4qsx31dRbDlPXXOvl9qqzi8fyqy-DnSxlONBWru0FqdiY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELlquYQuWUOGnTSUIQc7K6Q&google_cver=1&google_push=AavPq0PMr-f73m_5Tnll3C66vKv7XB6UM929ylmQeY8SDx_oPqNq_kv-9nMAW1tgKGxt03eHSxUaQ_dLEUGP0daee_-oiEIl2c4qsx31dRbDlPXXOvl9qqzi8fyqy-DnSxlONBWru0FqdiY HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1add9d21-1d36-4c5a-9864-15d7546bf799&ssp=google&gdpr=&gdpr_consent=

Request Chain 276

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGscmcuxw9qc_dMgrsBgwm0&google_cver=1&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIoAiLhN9tu8xNzeql5QLDp16RM2UI2P_xZN4rhc0YSXoVib1YIZi7FYHL-J9uURgb_X2 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGscmcuxw9qc_dMgrsBgwm0&google_cver=1&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIoAiLhN9tu8xNzeql5QLDp16RM2UI2P_xZN4rhc0YSXoVib1YIZi7FYHL-J9uURgb_X2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NTc0Nzg1ODQwNDE1NjQwOQ&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIoAiLhN9tu8xNzeql5QLDp16RM2UI2P_xZN4rhc0YSXoVib1YIZi7FYHL-J9uURgb_X2

Request Chain 278

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAbUix_4djoglOX2fm7bsoo&google_cver=1&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnwnXAHAF-0AhVsOvHca8XON-Vc9h1zQcWMwROcTcFT9WxhDg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnwnXAHAF-0AhVsOvHca8XON-Vc9h1zQcWMwROcTcFT9WxhDg&google_gid=CAESEAbUix_4djoglOX2fm7bsoo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTUwMDEwMjY2NjQ5NjA5Nzg4MDcx&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnwnXAHAF-0AhVsOvHca8XON-Vc9h1zQcWMwROcTcFT9WxhDg

Request Chain 280

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE5pq1NJH_QOKAJI_EPSwfM&google_cver=1&google_push=AavPq0Mlj9gKEac4a88APSPgkIuw3rGgVr83tQUHeoWgkohBUhPQixtOsdKF7Y2Jko-M3HCsDhz1lI2keqP5dpqtH2iKXpwPim9ZRtBmfP1aXhFPlg7ihfreZ2pHhNgNTwudQMkdkju5DvJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mlj9gKEac4a88APSPgkIuw3rGgVr83tQUHeoWgkohBUhPQixtOsdKF7Y2Jko-M3HCsDhz1lI2keqP5dpqtH2iKXpwPim9ZRtBmfP1aXhFPlg7ihfreZ2pHhNgNTwudQMkdkju5DvJU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

304 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.flaresenha.com/ 338 KB
72 KB 995ms
131ms Document
text/html 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 5771b4df524111f293f3066d22bdbdb466ef8c66dcfcffa4eb39260e2ae78653

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 12 Jan 2023 17:26:19 GMT
expires: Thu, 12 Jan 2023 17:27:19 GMT
last-modified: Thu, 12 Jan 2023 13:42:56 GMT
server: nginx/1.20.2
vary: Accept-Encoding Accept-Encoding

GET
H2 200 huj7g.css
www.flaresenha.com/wp-content/cache/wpfc-minified/dunesmv8/ 87 KB
12 KB 135ms
135ms Stylesheet
text/css 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/dunesmv8/huj7g.css
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 595c8179e94fddabd1598615229afa5ef273638874474dace749f2a9971074b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 13:45:24 GMT
server: nginx/1.20.2
etag: W/"633d8a74-15a89"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: text/css
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 huj7g.css
www.flaresenha.com/wp-content/cache/wpfc-minified/1rjsacir/ 484 KB
46 KB 242ms
241ms Stylesheet
text/css 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/1rjsacir/huj7g.css
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 10225331bc5d5da45e4af7d2f8e3536aedd8b7e1fee6e85bf3aecc21236e1ff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 13:45:24 GMT
server: nginx/1.20.2
etag: W/"633d8a74-78f4d"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: text/css
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 125ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 17:17:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Jan 2023 17:26:20 GMT

GET
H2 200 huj7g.css
www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/ 634 KB
98 KB 262ms
262ms Stylesheet
text/css 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: d153eb341a73efd359b7a121e33f79ebf0a4af99caa5f7d86e738bb32236837a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 13:45:24 GMT
server: nginx/1.20.2
etag: W/"633d8a74-9e9ad"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: text/css
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 jquery.min.js Show response
www.flaresenha.com/wp-includes/js/jquery/ 87 KB
30 KB 370ms
370ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 13:15:57 GMT
server: nginx/1.20.2
etag: W/"6386060d-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.flaresenha.com/wp-includes/js/jquery/ 11 KB
4 KB 389ms
389ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 13:15:57 GMT
server: nginx/1.20.2
etag: W/"6386060d-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e622d5ecb1ea67297f32c4804b8170d273e742f7970dcadc4ebbaa8ed875bce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27526
x-xss-protection: 0
server: sffe
etag: "1449 / 457 of 1000 / last-modified: 1673525422"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Jan 2023 17:26:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 186ms
92ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cffd5772edf09814cf0b9ed763f1597246e2eb339183c48c2780d736144afac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49335
x-xss-protection: 0
server: cafe
etag: 3147138665859090980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:26:20 GMT

GET
H2 200 flaresenha.js Show response
tags.juicebarads.com/js/ 45 KB
14 KB 663ms
215ms Script
application/javascript 190.89.238.70
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.juicebarads.com/js/flaresenha.js
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.70 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br42.serverdo.in
Software: nginx/1.20.1 /
Resource Hash: 729a7b16cb901a8ec09432e92a332633a045124ad52cd8b012219c10fbc0b817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:51 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 13:54:54 GMT
server: nginx/1.20.1
etag: W/"637b832e-b3e8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 369 KB
124 KB 256ms
106ms Script
text/javascript 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf10f2d2c2627b33f59c5110c744cc586c01cc00616a689c81b818255de09b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125837
x-xss-protection: 0
expires: Thu, 12 Jan 2023 17:26:20 GMT

GET
H2 200 Urubu-Preto.png
controle.flaresenha.com/wp-content/uploads/2020/06/ 9 KB
9 KB 602ms
123ms Image
image/png 190.89.239.12
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.flaresenha.com/wp-content/uploads/2020/06/Urubu-Preto.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.12 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us250.serverdo.in
Software: nginx/1.22.1 /
Resource Hash: 5026abb5780b1a184cd85e18e7221ddbde1753b597897c691aec5625aba7ef4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Thu, 18 Jun 2020 02:38:40 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "5eead3b0-2568"
content-length: 9576
content-type: image/png

GET
H2 200 Urubu-Branco-2.png
controle.flaresenha.com/wp-content/uploads/2020/06/ 9 KB
9 KB 724ms
245ms Image
image/png 190.89.239.12
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.flaresenha.com/wp-content/uploads/2020/06/Urubu-Branco-2.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.239.12 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us250.serverdo.in
Software: nginx/1.22.1 /
Resource Hash: 142c617a22d3913ed0981d9fbedd455362e2642722f32cff4128d1e720572c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Thu, 18 Jun 2020 14:28:50 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "5eeb7a22-24dc"
content-length: 9436
content-type: image/png

GET
H2 200 jeg-empty.png
www.flaresenha.com/wp-content/themes/jnews/assets/img/ 70 B
267 B 797ms
795ms Image
image/png 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: "63646abe-46"
vary: Accept
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 70
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 juicebarads.flaresenha.com.1374018.js Show response
jsc.mgid.com/j/u/ 3 KB
2 KB 223ms
194ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.js
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b587f9fccdcf122342227870c7576d25874b01a22c31a057ca6d0536010d9ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
x-amz-version-id: 8oWGDqcVq0rg8OPYCavbwnIA_f3uzqcU
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3CMZ9ZEQKGASFNWC
cf-polished: origSize=2684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JXT8YIDVwn7cArdgNR3qs/JoeMB3AL7Nfn+8Qmvju34845a6KC/ElYPYpL1Xm+/tbmaxQsEV05c=
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 14:01:40 GMT
server: cloudflare
etag: W/"210711402654eb21eb0c6e44c1410d87"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 788798bbb87d2c1b-FRA
expires: Thu, 12 Jan 2023 20:26:20 GMT

GET
H2 200 tag Show response
a.teads.tv/page/122572/ 711 B
794 B 205ms
113ms Script
application/javascript 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/122572/tag
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8fa27b9279ad366f04dbd20e554944252e67d941883166b9a79a30ca42a44dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 452
expires: Thu, 12 Jan 2023 18:26:20 GMT

GET
H2 200 huj7g.css
www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/ 90 KB
16 KB 134ms
134ms Stylesheet
text/css 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: defdeece1e2302f3405b271ea544378c0708e085b4d6499f496f52d147259949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 13:45:24 GMT
server: nginx/1.20.2
etag: W/"633d8a74-166e4"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: text/css
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 comment-reply.min.js Show response
www.flaresenha.com/wp-includes/js/ 3 KB
2 KB 132ms
132ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 13:15:57 GMT
server: nginx/1.20.2
etag: W/"6386060d-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 photoswipe.js Show response
www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/ 31 KB
12 KB 678ms
678ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/photoswipe.js?ver=10.8.0
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 1a3ae8e02f48b4c2384be545382225ae5e1baeb0b502595c0c424d94153266f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: W/"63646abe-7ab5"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 photoswipe-ui-default.js Show response
www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/ 9 KB
4 KB 663ms
660ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/photoswipe-ui-default.js?ver=10.8.0
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 2f659d1127e229da4e21081430f10f98cbf39dd97c1af26ca8fc35bd98a0f2e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: W/"63646abe-25f7"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 hoverIntent.min.js Show response
www.flaresenha.com/wp-includes/js/ 1 KB
942 B 663ms
660ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 13:15:57 GMT
server: nginx/1.20.2
etag: W/"6386060d-5db"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 imagesloaded.min.js Show response
www.flaresenha.com/wp-includes/js/ 5 KB
2 KB 663ms
660ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 13:15:57 GMT
server: nginx/1.20.2
etag: W/"6386060d-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 frontend.min.js Show response
www.flaresenha.com/wp-content/themes/jnews/assets/dist/ 297 KB
85 KB 672ms
669ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.8.0
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 08cb37d18c2c7fc6d4202a2b5e14c95b8c6891bd2283b4a6b0486c6bb8672288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: W/"63646abe-4a48b"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 front.min.js Show response
www.flaresenha.com/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 797ms
795ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 15:56:19 GMT
server: nginx/1.20.2
etag: W/"637cf123-222e"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 js_composer_front.min.js Show response
www.flaresenha.com/wp-content/plugins/js_composer/assets/js/dist/ 23 KB
7 KB 797ms
794ms Script
application/javascript 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 619ae81b00bc325e12926c7636579808760d1446ecb533288c04517e7efe25eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 12:47:08 GMT
server: nginx/1.20.2
etag: W/"633d7ccc-5def"
vary: Accept-Encoding, Accept-Encoding, Accept
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 embed.js Show response
www.chatbro.com/ 520 KB
103 KB 319ms
252ms XHR
application/javascript 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chatbro.com/embed.js?eyJlbWJlZENoYXRzUGFyYW1ldGVycyI6W3siZW5jb2RlZENoYXRJZCI6IjEzOFhyIn1dLCJsYW5nIjoiZW4tVVMiLCJuZWVkTG9hZENvZGUiOnRydWV9
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d55433632440b48982c5a208a7d7604319129f1e0a84d666cea2102ac2295ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 17:26:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1Ba1gbwL7OqQeDdCyvH5sBBglXnaotRCXTOMnbwbuPgLnMOd3MUHKjwbeCQbvBqkjzz%2B3yDZrS8g0ku%2Bk7QrA0NLOBLXETmXmwq93LTGQHZD13dqZPz3loJwm0o19QvJ%2Bbc26mjK05YIjY1paI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: public, max-age=31536000, s-maxage=200
access-control-allow-credentials: true
cf-ray: 788798bb2a746939-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2023011101.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 12 Jan 2023 16:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132552
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 09:35:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Jan 2024 16:49:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 175 B
124 B 144ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e63d835b7fba014329c47ad4c5f5beb5ed509c304480fee4a8ea8eff21fa46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
expires: Thu, 12 Jan 2023 17:26:20 GMT

GET
H2 200 preloader.gif
www.flaresenha.com/wp-content/themes/jnews/assets/dist/image/ 4 KB
4 KB 783ms
782ms Image
image/gif 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: "63646abe-112f"
vary: Accept
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4399
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 114ms
35ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 261688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 154ms
75ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 09:07:05 GMT
x-content-type-options: nosniff
age: 461955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 09:07:05 GMT

GET
H2 200 fontawesome-webfont.woff2
www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/ 75 KB
76 KB 782ms
781ms Font
font/woff2 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: "63646abe-12d68"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 77160
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 123ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options: nosniff
age: 596645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 19:42:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 186ms
71ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 123ms
44ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 688 B
381 B 282ms
282ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30aa0946c6a6925e490b1fdaa4c7e935e9033386f2fc5c1084a7af60793781e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A3A 6 KB
0 200ms
46ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:20 GMT
expires: Fri, 12 Jan 2024 17:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 268ms
268ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4989239a19775bb384c3b4e556b58cdfd3198cd49602c195f90790b48d9cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10234
x-xss-protection: 0
google-lineitem-id: 6170060282
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138414654759
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facundo-torres-orlando-750x469.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 50 KB
51 KB 830ms
830ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/facundo-torres-orlando-750x469.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 7db57ca35da97c7c6f273ee5e6ce175fccae7207cb7c41b878a79138207694d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Thu, 12 Jan 2023 00:14:11 GMT
server: nginx/1.20.2
etag: "63bf50d3-c9ff"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 51711
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 marinho-flamengo-2-750x500.jpg
www.flaresenha.com/wp-content/uploads/2022/11/ 52 KB
53 KB 830ms
830ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/11/marinho-flamengo-2-750x500.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 9288d000e200d45cf91be9e7a531441323c9b9693afd2be426ea84d86df4abc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Tue, 08 Nov 2022 14:25:56 GMT
server: nginx/1.20.2
etag: "636a66f4-d1e2"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 53730
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 facundo-united-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 10 KB
11 KB 845ms
845ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/facundo-united-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: ee09844d8469e4284afba7b5bdbafe0963e4254871fa7b80512becd94a0c9ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Wed, 11 Jan 2023 23:37:06 GMT
server: nginx/1.20.2
etag: "63bf4822-2998"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10648
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 agustin-rossi-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/10/ 24 KB
24 KB 846ms
845ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/10/agustin-rossi-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 1908a019854f63f45a100260c53827477d6bc912c05e5b6aea068331f8e2eb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Sun, 09 Oct 2022 04:36:47 GMT
server: nginx/1.20.2
etag: "63424fdf-6102"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 24834
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H/1.1 200
OK e.js Show response
cdn.fsmads.biz/libs/ 9 KB
4 KB 54ms
14ms Script
application/javascript 85.17.31.162
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fsmads.biz/libs/e.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

85.17.31.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

129bcfd8be88b701454cf738518e0ef404528e6e422da8fbad451af00ca8b6ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 17:26:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 22 Dec 2022 17:11:00 GMT
Server: nginx
ETag: W/"63a48fa4-2430"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Fri, 13 Jan 2023 17:26:20 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 134 KB
37 KB 677ms
677ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da7bded5d97dc6447e78d535549ccc2fefe894bf5b88bd267a862903b715820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37631
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 123 KB
37 KB 1000ms
1000ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322a0f9dfb640f9c96e8e4433109dcd148574a569038dbef68ad9f6942dc1d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37486
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
312 B 1190ms
1190ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86ae6b3d48e75221572311cda6572db61edb611b4be37181450962aa0db4b938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 1450ms
1450ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28d2e71e3039ea6d2ef49abeffd5ef8fa96f1af942a9cd8e22d43ab8a47fd6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11255
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
310 B 1742ms
1741ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd4fa02f4aeaa0ac114f769706f9f0d7bf22e9cb0e35a363d4268a22888513d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
311 B 1940ms
1940ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0eed67e1809332399c288129807e5080f4c98e0beef9c39b50453861341467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
306 B 2130ms
2129ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34cfa6074587c0991d92aab6e0b06ebdadae9eac46c28ff636154e3342559d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content load Show response
z.cdn.fsmads.biz/ 0
408 B 58ms
16ms Script
text/plain 85.17.31.162
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.fsmads.biz/load?z=1326395243&div=zone_1326395243&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1934&pl=3&mi=4&me=8&hc=4&n=1673544380986&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=2325446405
Requested by: Host: cdn.fsmads.biz
URL: https://cdn.fsmads.biz/libs/e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 85.17.31.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 12 Jan 2023 17:26:21 GMT
Cache-Control: no-cache, must-revalidate
Server: nginx
Connection: keep-alive
P3P: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 g Show response
lpgs.chatbro.com/ 8 B
462 B 86ms
68ms XHR
text/plain 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpgs.chatbro.com/g
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ae58361663c22fb01bc0a5def542d14b770493b2ecdca62d4dc3bd20d6e031

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH44v5W8UbT6xvtxFHqeiZ2v2RupRxAOPYAxWYG%2F1eftYTE8p2z4q0ng30ldw69b1q0mYwYIWKLWm6f7br6S6bJTkwr%2BWkQQ5Bd6cs3%2B%2BmEbhI5YTel6tiD20AhnTRtaxysbFakzvKkJFs1x2oVC"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 788798bd6fee6939-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 chatbro.woff
www.chatbro.com/fonts/ 14 KB
15 KB 92ms
76ms Font
application/font-woff 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chatbro.com/fonts/chatbro.woff?10
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"630e5cd2-383c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do18MoYzxpTB0tC%2FhKPAWw8wDnKcOzrn14WTB73EZWe8qUShQxwjNcXrQWGoCdnkplZ8Cab44V8XL%2BDkeaQJ36Q7eWVQyNxXI%2FBPEDUg1os6kugm%2BhuBGU1TmogtRD9qruFzYnrcoYQXTMXyQW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 788798bd7837bbe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 12 Jan 2023 17:36:21 GMT

GET
H2 200 chat_vk_logo.png
www.chatbro.com/images/ 735 B
1 KB 21ms
20ms Image
image/png 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chatbro.com/images/chat_vk_logo.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 292
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 735
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
server: cloudflare
etag: "630e5cd2-2df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmlr4jEEO%2FQn8EFUmjvMJ%2FYgpMOokTcUHVLyuA4LFXIN5hrh1WYk4rjYwwF42Sq1Hox7qDUA5OikOaelU9Tq9f7qTL83XE5J%2Bf%2FORoX3SwG5v1mEd%2FmfCzYx4sjoZtaqK8MyodYZBTgxVZzvlYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 788798bdb8696939-FRA
expires: Thu, 12 Jan 2023 17:31:29 GMT

GET
H2 200 chat_telegram_logo.png
www.chatbro.com/images/ 777 B
1 KB 17ms
16ms Image
image/png 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chatbro.com/images/chat_telegram_logo.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 777
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
server: cloudflare
etag: "630e5cd2-309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8eJHOb94TYmYNIqHIGQqIZm7pN6s%2B%2Bcjv%2BrycksEgWYoOYtZ%2F%2BxU1RbLIjQ09YuOfMcDu6s4yCah%2FqelqisGW6t06wLgejOV8c9JoUVArKAQnI7rsGyh2nsbNucOIlwsdGmgA6WEjOZjCpp6aE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 788798bdb86d6939-FRA
expires: Thu, 12 Jan 2023 17:35:42 GMT

GET
H2 200 chat_facebook_logo.png
www.chatbro.com/images/ 329 B
736 B 15ms
14ms Image
image/png 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chatbro.com/images/chat_facebook_logo.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
server: cloudflare
etag: "630e5cd2-149"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saWAMGGfnvY4RgTyoRyufo0XMY0vfF5XLoKoR%2BDxpuTznAMfKU1yZgDvI2WN2w%2Bf%2FZgZDI6seLhYrZl7hHZVvcHOSF5tBRVqiedQzrjxmkq2yJ2uhOom9GvqIcIrEJgt8JZzWbD4v%2BhGtg0lqqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 788798bdb86f6939-FRA
expires: Thu, 12 Jan 2023 17:31:43 GMT

GET
H2 200 chat_google_logo.png
www.chatbro.com/images/ 656 B
979 B 21ms
20ms Image
image/png 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chatbro.com/images/chat_google_logo.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 656
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
server: cloudflare
etag: "630e5cd2-290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LyiMObEEklbNabvl2eCBN2fDid5pldVW6Sb86uhbyJkNCcNplpsFI68P1xN1rhPiE3kYqgXSadJbNkHXZqGgdJaCKbWuyY9eRD7lhslpqMOPkZS412KvRVRpZb0qUU8Z2KNuA7hfs7BPJG5XJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 788798bdb8726939-FRA
expires: Thu, 12 Jan 2023 17:31:59 GMT

GET
H2 200 no_connection.png
www.chatbro.com/images/ 2 KB
2 KB 19ms
18ms Image
image/png 2606:4700:e6::ac40:c109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chatbro.com/images/no_connection.png
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1614
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
server: cloudflare
etag: "630e5cd2-64e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuN0sz5LP1TmkH%2BY7M9c5B%2BhhsIlDWr7e3m2Bp9e8TP4IUvRgFSXv7tozO2wiY4N6oAJoxQ3HVTVptKyF6kiQm2D5qcvo%2BZiqFwzWHDN3r5Xy3IfER5qX24a60VIXtne5jQquKdc8MjNjsTi63M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 788798bdb8746939-FRA
expires: Thu, 12 Jan 2023 17:31:43 GMT

GET
H2 200 jegicon.woff
www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/ 7 KB
7 KB 517ms
517ms Font
font/woff 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer: https://www.flaresenha.com/wp-content/cache/wpfc-minified/esccgzbl/huj7g.css
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Fri, 04 Nov 2022 01:28:30 GMT
server: nginx/1.20.2
etag: "63646abe-1be8"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 7144
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C48 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnfj9jmFSCtKfX2PTr28MEfCrxtISF9PPVIxjvaHbfmROYRBuS9KcwepfaiLswh0M11R4z7KXA_Zds9t9RDeBoT2-ftT6RKrad431KQccWq0q594Om3Uw54zaA7YajcEAUyne34255VOhqvM7uqp-Y9hV28bsU22DeMA-tUKlNbhsG7FRaUydmAVBb-ggUzHvX0kDZHlDAhrhjWgKvPPkUVcIrMO9In8ugtTKwV8_S7J9KugpJaEW2eDWTRp3rkhcSuwyJoNAzBmFTB2CvTF4wmPwBWrJbYb-L11t6hyCide_KgeCZgQ3gkJzRZUmFIt_8qoRGLzv8_an9z9uQHQ&sai=AMfl-YRh3PbQowOV9GXI8RZQdFLdBWN3kPHNsvKMafQUK9zW2mEuaWdf9zoCpPHvpophn_FHLAFxOZDgvKUGJAZsBUvc1dMRu9jGp1HDf7bJx4zh_HFts7HB-J40ZiWmfbl84CSAXW0oWHTJ28pOkgfsGLQ&sig=Cg0ArKJSzKj9WPlye7nkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H2 200 7f5667890e56de28cb734293df7d2c73.js Show response
scripts.cleverwebserver.com/ 124 KB
47 KB 301ms
255ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/7f5667890e56de28cb734293df7d2c73.js
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff39d152a05c1657f5a722c7c7a1b991b5f39c6c59bb8aa4541273b7139dd1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
x-amz-version-id: zJHRyfmPQDT.9mOruiGRLz4q0EWjhjcz
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Dec 2022 16:57:29 GMT
server: cloudflare
x-amz-request-id: ANVQ9F737EPS875M
etag: W/"267c8242acbb43c5f7fafee56e90dc3b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 788798beba9f9b4c-FRA
x-amz-id-2: CHTKWNyxRhA3ENBmTTPOArZ3Ll4KWcsEfkmC+9Mz6jxAmBSsYlwmUfU2tjChMROxblpuyjeuiG8=
expires: Thu, 12 Jan 2023 17:56:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C48 157 KB
49 KB 223ms
95ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 317 B
168 B 2093ms
2092ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1036440414456943&correlator=4195654113097133&eid=31071522%2C31071524%2C31071573&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100&ifi=10&adks=2756730836&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-v-destaque3&sc=1&cookie=ID%3D81117219a15a50d1%3AT%3D1673544380%3AS%3DALNI_Mb04JiP5QF_7r6cd4M42hByVczutA&gpic=UID%3D00000bc021ab5b6d%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MYxgh3B8DVpUpyvLIAK5TfjbuLA-Q&abxe=1&dt=1673544381189&lmt=1673530976&dlt=1673544380051&idt=647&adxs=425&adys=4018&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=380x0&msz=380x0&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tsNtPtKe7Up7gSNhSnMrAPaAzXQTWcI5YdQe5dOazj_7okAAn321RViY9bJGxMR7lauWaxM4Sge1fPlrsZh3A&ga_vid=741293778.1673544381&ga_sid=1673544381&ga_hid=2141775897&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

951ff612e3b5ad562e0a3b1498ab7bc0c7319b9430cf6edc715af3b9fdf101eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/ 356 KB
117 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5822243610880583&plah=www.flaresenha.com&bust=31071383

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3051fe73da8c981309664033cbbf58a5992b45c6422e8aaa51f58bdb066c6617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119973
x-xss-protection: 0
server: cafe
etag: 4110136180394562370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230110/r20190131/ Frame 972F 10 KB
5 KB 163ms
47ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 19:33:54 GMT
etag: 10353107486223812946
expires: Wed, 25 Jan 2023 19:33:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 163ms
46ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Jan 2023 16:21:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3867
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 12 Jan 2023 18:21:54 GMT

GET
H2 200 juicebarads.flaresenha.com.1374018.es6.js Show response
jsc.mgid.com/j/u/ 658 KB
156 KB 1573ms
1573ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b1105cca486db3d42f02277fa8f23b7972424e86ba487eb513fcef33f63655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
x-amz-version-id: VrlHha4lTn2jx3lVtx8IXE2IiZy6Tt5N
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: H84HRF1S6PASB8YB
cf-polished: origSize=673375
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rV7hP586yTlUe4BBUEW/j9aEuRAer4pQZsdpaxt5sVcgeNaaPxfX1Q53LuiKzFVIYyf7ANfDTlY=
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 14:01:40 GMT
server: cloudflare
etag: W/"77e24c0d6c8e8f39baf551bfcf92e015"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 788798beae6f2c1b-FRA
expires: Thu, 12 Jan 2023 20:26:21 GMT

GET
H2 200 fa-regular-400.woff2
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 13 KB
14 KB 427ms
427ms Font
font/woff2 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850

Request headers

Referer: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Wed, 05 Oct 2022 12:47:08 GMT
server: nginx/1.20.2
etag: "633d7ccc-34fc"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 13564
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 fa-brands-400.woff2
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 74 KB
74 KB 428ms
428ms Font
font/woff2 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Request headers

Referer: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Wed, 05 Oct 2022 12:47:08 GMT
server: nginx/1.20.2
etag: "633d7ccc-12668"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 75368
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 fa-solid-900.woff2
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 74 KB
74 KB 429ms
429ms Font
font/woff2 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009

Request headers

Referer: https://www.flaresenha.com/wp-content/cache/wpfc-minified/de7p9k77/huj7g.css
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:20 GMT
last-modified: Wed, 05 Oct 2022 12:47:08 GMT
server: nginx/1.20.2
etag: "633d7ccc-127f0"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 75760
expires: Thu, 19 Jan 2023 17:26:20 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 594 KB
130 KB 24ms
24ms Script
text/javascript 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/122572/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b13d8eadc295ad9bd39225d830df9d9acfc790c4c79392b0ec6e819ea0ab2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
last-modified: Thu, 12 Jan 2023 13:04:21 GMT
x-amz-request-id: HSGSQC3P31S5F29F
etag: "130c1ae9aa042eba3aef0b20dd9613e8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 8
accept-ranges: bytes
content-length: 132629
x-amz-id-2: s9ss76AjIt7zeiy1/JGjmElqNUGs7kbnO7Ob1foBQP0/qs0MRPGjaEGRW7qQSGbw5RXmb7efL3A=
expires: Thu, 12 Jan 2023 17:56:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 136ms
44ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.flaresenha.com&callback=_gfp_s_&client=ca-pub-5822243610880583&cookie=ID%3D81117219a15a50d1%3AT%3D1673544380%3AS%3DALNI_Mb04JiP5QF_7r6cd4M42hByVczutA&gpic=UID%3D00000bc021ab5b6d%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MYxgh3B8DVpUpyvLIAK5TfjbuLA-Q&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5822243610880583&plah=www.flaresenha.com&bust=31071383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170eadb12b21630729c2c3500c07507dc07733472d89b5ad25921d3db71eced0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 46ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 137ms
136ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.flaresenha.com%2F&tn=DIV&cls=chatbro_minimized_chat%20chatbro_movable_chat%20chatbro_header_rotare_to_bottom&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0837 138 KB
42 KB 437ms
436ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1673530976&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.flaresenha.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673544381203&bpp=3&bdt=1152&idt=220&shv=r20230110&mjsv=m202212050103&ptt=9&saldr=aa&abxe=1&cookie=ID%3D81117219a15a50d1%3AT%3D1673544380%3AS%3DALNI_Mb04JiP5QF_7r6cd4M42hByVczutA&gpic=UID%3D00000bc021ab5b6d%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MYxgh3B8DVpUpyvLIAK5TfjbuLA-Q&nras=1&correlator=7643178354187&frm=20&pv=2&ga_vid=741293778.1673544381&ga_sid=1673544381&ga_hid=2141775897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071383%2C44779794&oid=2&pvsid=1036440414456943&tmod=1512204912&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=239

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aafe75def3c8e3d10dba0687cfd0784526a153e1b85451b51558376ada8d3b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 42498
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 70ms
70ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2141775897&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flaresenha.com%2F&ul=en-us&de=UTF-8&dt=Fla%20Resenha%20%7C%20Flamengo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=800430280&gjid=2063218965&cid=741293778.1673544381&tid=UA-77540280-1&_gid=1368878883.1673544381&_r=1&_slc=1&z=1575446157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7C48 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a5bc79e9a56b99b71a8032e867bf0bf4e16abfe4789c0325ab735d715c45ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C48 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdXbP1IzDqeGT-aRRsH-2tuvLKQGZIK5Y6G5Xc-MGFSMzUawJWY9ysrp77Ruo1DrOAGU_P4m9kNpYZsSNDIJJ-x1b9NWxuuBbmdf3FiFLQqJqkOFYSr-e6x8oFsjY2xdD4Sw7Yu3gRqfJpxnOWQ4VrZI-f1u7l7Kl6Uu4BIiLNlGWN0zD8n-TWvqnQr-5TWTIL-8nrxryZtmibCiijRkvGlhEIdB_Vo0FtINkGvISC3HeMZB7jTGa-ppsmuWr2DHB5qLqnBOSb8OoVVVAhE__q3jAt33G0kTo5mMGfhffPvVm1EtCU6dIfNvMPZ-J-tnIOt1Cm83kl2i_Uu8sdab9p&sai=AMfl-YR5O-14VXxHGsukpNpTkSboIl58lDn5bAixQED4VfSeu4oJFZn8RBijk54NYg5plfnhQ4p0Oim8Gj9R5YrXmgMoKp7A3OwdB8r8wrK4YlBPuiD39eDheCEhRCC87tZAbWZfIrpOZfBPMp6yJFwzL6g&sig=Cg0ArKJSzOxhx0gjZw41EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
196 B 64ms
49ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bd51fd4ca406964576a31b8697bce42a2583987571b092b8379eff49f74acd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798c0ae769b4c-FRA
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 72ms
25ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77540280-1&cid=741293778.1673544381&jid=800430280&gjid=2063218965&_gid=1368878883.1673544381&_u=IAhAAEAAAAAAACAAI~&z=676105466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 20230112133507-cats-360x180.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 13 KB
13 KB 151ms
149ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/20230112133507-cats-360x180.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 34531494c6df170fc75807c6ca3231b31bcdbe80fe16244074710009f254f22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Thu, 12 Jan 2023 13:35:10 GMT
server: nginx/1.20.2
etag: "63c00c8e-3200"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12800
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 cebolinha-flamengo-fluminense-75x75.jpg
www.flaresenha.com/wp-content/uploads/2022/09/ 12 KB
12 KB 244ms
241ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/09/cebolinha-flamengo-fluminense-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 6fde990dbe2cf4a94263dd032ed28b21ec8da702f2c1514e529fa351e26f4812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Mon, 19 Sep 2022 23:35:37 GMT
server: nginx/1.20.2
etag: "6328fcc9-2e60"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11872
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 marinho-festa-libertadores-flamengo-75x75.jpg
www.flaresenha.com/wp-content/uploads/2022/11/ 3 KB
3 KB 244ms
242ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/11/marinho-festa-libertadores-flamengo-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: acc9d8f6c90cb3b427c8ffcef057b3dec0bae7d242fc79e9d99cec25a40b6160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Mon, 14 Nov 2022 14:36:42 GMT
server: nginx/1.20.2
etag: "6372527a-a13"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2579
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 juan-quintero-9-75x75.jpg
www.flaresenha.com/wp-content/uploads/2022/12/ 3 KB
3 KB 245ms
242ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/12/juan-quintero-9-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 7e0142829ff8505f5cfdad5610074303114e7f08ac016cec6ba144afc929d1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Fri, 30 Dec 2022 12:42:07 GMT
server: nginx/1.20.2
etag: "63aedc9f-bc3"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3011
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 moedas-flamengo-75x75.jpg
www.flaresenha.com/wp-content/uploads/2021/10/ 3 KB
3 KB 245ms
243ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2021/10/moedas-flamengo-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: ad916ebbc202aede5e7c033be6514835d6b0e5e2e2cd71840abacc15cd4190a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Mon, 18 Oct 2021 23:42:02 GMT
server: nginx/1.20.2
etag: "616e064a-ce4"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3300
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 facundo-torres-orlando-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 8 KB
9 KB 245ms
243ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/facundo-torres-orlando-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 09794305a8cc55bab91a87eb5ae2d7fae770766078f3667f4a85e6d2a7ca4aab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Thu, 12 Jan 2023 00:14:11 GMT
server: nginx/1.20.2
etag: "63bf50d3-217b"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8571
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 marinho-flamengo-2-75x75.jpg
www.flaresenha.com/wp-content/uploads/2022/11/ 9 KB
9 KB 245ms
244ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/11/marinho-flamengo-2-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: bdad96e10a2dbfdd927063366fd8cbea4783970e3b0bcc65e894f7e016b19a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Tue, 08 Nov 2022 14:25:56 GMT
server: nginx/1.20.2
etag: "636a66f4-2271"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8817
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 vitor-pereira-flamengo-2-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 2 KB
2 KB 246ms
244ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/vitor-pereira-flamengo-2-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 7d4b2a804afc4857040e7a4df492ca818a3440c8b539d648a7efcc57f505b35e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Tue, 03 Jan 2023 11:51:31 GMT
server: nginx/1.20.2
etag: "63b416c3-935"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2357
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 matheus-pereira-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 2 KB
3 KB 246ms
244ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/matheus-pereira-75x75.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 9f99806a512e7174cf753498837723e5142cd25e4a7ea57d665dde0e5447ed91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Wed, 11 Jan 2023 23:46:21 GMT
server: nginx/1.20.2
etag: "63bf4a4d-9bf"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2495
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 20230112133507-cats-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 15 KB
15 KB 246ms
245ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/20230112133507-cats-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: fbe3cc3471949cce3b67e7d1403f1ce8a945b149f085c2474b898fe6fa7f8ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Thu, 12 Jan 2023 13:35:10 GMT
server: nginx/1.20.2
etag: "63c00c8e-3b8a"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15242
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 container.html Show response
7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E6D6 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:20 GMT
expires: Fri, 12 Jan 2024 17:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 75ms
70ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 782C 325 B
486 B 69ms
31ms Document
text/html 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 325
content-type: text/html; charset=UTF-8
date: Thu, 12 Jan 2023 17:26:21 GMT
expires: Thu, 12 Jan 2023 17:26:21 GMT
pragma: no-cache
server: akka-http/10.2.9

GET
H2 200 track
t.teads.tv/ 23 B
113 B 98ms
45ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=d794c690-39ab-46b1-bab8-ca8d6a0020e8&pageId=122572&pid=133145&debug_metadata=qxGgu524yQ&fv=1118&ts=1673544381680&f=1&referer=https%3A%2F%2Fwww.flaresenha.com%2F
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 99ms
45ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=d794c690-39ab-46b1-bab8-ca8d6a0020e8&pageId=122572&pid=133145&fv=1118&ts=1673544381690&f=1&referer=https%3A%2F%2Fwww.flaresenha.com%2F
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 12 Jan 2023 17:26:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 flaresenha.com.js Show response
intersc.igaming-service.io/ 35 KB
8 KB 77ms
12ms Script
application/javascript 2600:9000:223d:e400:17:1c9a:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intersc.igaming-service.io/flaresenha.com.js?ver=2023112
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e400:17:1c9a:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab0fa449b6ae3feda1b5ed46ff7812af0aecaf70d4291c4a61f828771fce8b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 15:55:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 3234
etag: W/"86c9ec57225a7dd1b94db2d9c8afbe34"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: J4KKDANHVLYfkddpDQyljmDwU2i2YdXbD5TEnRfEUhD8hMK14HFKNg==

GET
H2 400 load
z.cdn.trafficdok.com/ 0
0 63ms
13ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficdok.com/load?z=1618681264&div=zone_1618681264&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1934&pl=3&mi=4&me=8&hc=4&n=1673544380986&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=2325446405
Requested by: Host: cdn.fsmads.biz
URL: https://cdn.fsmads.biz/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
server: nginx
content-length: 13
content-type: text/plain; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 202ms
82ms Image
image/gif 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-77540280-1&cid=741293778.1673544381&jid=800430280&_u=IAhAAEAAAAAAACAAI~&z=2081262428

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 201ms
82ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-77540280-1&cid=741293778.1673544381&jid=800430280&_u=IAhAAEAAAAAAACAAI~&z=2081262428

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 7C48 0
0

GET
H2 200 pub-5822243610880583 Show response
fundingchoicesmessages.google.com/i/ 19 KB
8 KB 150ms
66ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/flaresenha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c13d1d53e86db2be2a25e07b73c9e9a1bce08610158a53723536b3a2df62e6d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dNp4H5kyHcUvcXtwha_B5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dNp4H5kyHcUvcXtwha_B5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 124ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/flaresenha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99b7627b56cf4759aa0f42d34fdd32bac55837df34efcb037743b6ca91de2dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49302
x-xss-protection: 0
server: cafe
etag: 1871823681805065489
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
38 KB 130ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/flaresenha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a18c926589bc4b1ed6572b544e29a1cd59f72f41e37804fe0559613202bda961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38008
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 15 KB
15 KB 126ms
30ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:35:40 GMT
via: 1.1 google
age: 3041
x-guploader-uploadid: ADPycdvriN-nsRS9LChMF_-sNXWcqUVeT-2lBmK_pCVTqRkPIrdP1D6lH-BVMI7pLBIh8xX1Zn7_7BUZLmTpPcjWDYMpCV_-6xy-
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
last-modified: Thu, 19 Dec 2019 17:12:55 GMT
server: nginx/1.8.1
vary: Accept-Encoding,Accept-Encoding
x-goog-generation: 1576775575233105
x-goog-hash: md5=CqkkyYa2DGg0W+K2RKI33w==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 6184
expires: Thu, 12 Jan 2023 18:35:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 435 B
268 B 1473ms
1472ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1036440414456943&correlator=4195654113097133&eid=31071522%2C31071524%2C31071573&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=21622511100%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=12&adks=2482102539&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Doutofpage&sc=1&cookie=ID%3D81117219a15a50d1-2291708f3ddb000d%3AT%3D1673544380%3ART%3D1673544381%3AS%3DALNI_MaQdXAYM7tcny8_SsP4yCURGlMR3A&gpic=UID%3D00000bc021aea25a%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MbA02_-L3TdPSSovArxrK2uYw-Zeg&abxe=1&dt=1673544381811&lmt=1673530976&dlt=1673544380051&idt=647&adxs=0&adys=4823&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=741293778.1673544381&ga_sid=1673544381&ga_hid=2141775897&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

539b231699a58945e61a83a506da82839e067a5646af908df328e03b3e8b8960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 102 KB
34 KB 1800ms
1800ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1036440414456943&correlator=4195654113097133&eid=31071522%2C31071524%2C31071573&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=13&adks=128102006&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-h-destaque&sc=1&cookie=ID%3D81117219a15a50d1-2291708f3ddb000d%3AT%3D1673544380%3ART%3D1673544381%3AS%3DALNI_MaQdXAYM7tcny8_SsP4yCURGlMR3A&gpic=UID%3D00000bc021aea25a%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MbA02_-L3TdPSSovArxrK2uYw-Zeg&abxe=1&dt=1673544381815&lmt=1673530976&dlt=1673544380051&idt=647&adxs=857&adys=119&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tsNtPtKe7Up7gSNhSnMrAPaAzXQTWcI5YdQe5dOazj_7okAAn321RViY9bJGxMR7lauWaxM4Sge1fPlrsZh3A&ga_vid=741293778.1673544381&ga_sid=1673544381&ga_hid=2141775897&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d11f097277d688b17fb4e7f344364df5d3df3565a591207a0e219db23e8d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34621
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame E6D6 2 KB
818 B 190ms
60ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E6D6 0
0 77ms
77ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5AMovULAY8X8AdKR9fgPmo2m4A20ruO2bqzwtNy9ELz2sIqYOBABINbOt05gleKQgqAHoAGxtN_VA8gBCakCxtrxx_gNsj7gAgCoAwHIA8sEqgTtAU_Qz3oSVTduDiWXGr32grnEjj1rCaGOvwQ2Qyk3fD1ODVT_V4hUkGXEcOj6d26j2NHCu3Tag79IOsYL3rE_BLn1JHyyi4MWJR1OP5_k9aZT9QnkVbBGWgRBBVvO6yAu5UIa0k63kBfw_EO4AkGsEPocF2xr0VRnCrmcAin1tKxQUwOes6NNwcQ3vNKU4ksoHwpUdOtmZZrypSKayZJio078SEY5-rMGef_LZreXX3xJhG6F0_Klr3170iKLo5SaGupB0epzibYE2oohf0d5UtATCnRlCgFO6EIaCg_EWifk0comEHNZpZAwR2XAqcAEo8LGh5gE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8ml7xqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ_KsG0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=76p5L0GCWpg&uach_m=[UACH]&cid=CAQSSwDq26N9z1fRG9-lIuCgTqIr7Y2JhoLfKp8HQ39fnJXMMyyC8Noc_WKKGeexJfk46L-F29TQm0VzXFmwn21rp3SSFADcZxMPEzeOWRgBIBM&template_id=494
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame E6D6 22 KB
9 KB 174ms
47ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame E6D6 3 KB
1 KB 187ms
61ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame E6D6 18 KB
7 KB 179ms
53ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6D6 157 KB
48 KB 116ms
115ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:26:21 GMT

GET
H2 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame E6D6 33 KB
14 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 12:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 12:22:20 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
133 B 100ms
84ms Image
image/gif 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://call.cleverwebserver.com/?id=36456&c=DE&r=HE&l=257&b=Chrome&os=Win10&mob=0&v=1.34.0&ref=aHR0cHM6Ly93d3cuZmxhcmVzZW5oYS5jb20v&ruri=&iv=-1&ctr=DE&sz=1200

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798c2cb359b4c-FRA
content-length: 43
content-type: image/gif

GET
H2 200 jorge-carrascal-750x750.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 86 KB
87 KB 131ms
130ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/jorge-carrascal-750x750.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 2fc2598df8445b62dbf58421709be4be24ff3bd951488ceba8d286f252fdf149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Wed, 11 Jan 2023 22:23:26 GMT
server: nginx/1.20.2
etag: "63bf36de-15940"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 88384
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 juan-quintero-6-750x546.jpg
www.flaresenha.com/wp-content/uploads/2022/12/ 57 KB
57 KB 132ms
132ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/12/juan-quintero-6-750x546.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 11a5ac551b782447974b6ad7b81b9a92fa277129d0515cdd19e2570b917921db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Thu, 29 Dec 2022 13:20:07 GMT
server: nginx/1.20.2
etag: "63ad9407-e28f"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 57999
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 manga-camisa-flamengo-patch-libertadores-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/12/ 18 KB
18 KB 134ms
133ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/12/manga-camisa-flamengo-patch-libertadores-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 56260306e367a146c7c12e63b9cd2cac5995ad892285247bc03e42d9c98d27ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Sun, 11 Dec 2022 13:37:36 GMT
server: nginx/1.20.2
etag: "6395dd20-4708"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18184
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 rodrigo-conceicao-porto-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 14 KB
14 KB 134ms
134ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/rodrigo-conceicao-porto-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 22ab2b834ea709e6b28e4a8bbfa2b20093447707590a04821bf1ab146c6834ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:21 GMT
last-modified: Wed, 11 Jan 2023 22:10:15 GMT
server: nginx/1.20.2
etag: "63bf33c7-382e"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14382
expires: Thu, 19 Jan 2023 17:26:21 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E6D6 28 KB
28 KB 175ms
80ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQctPODdXoMiOwUOIdb48Frb4v9i6OOP7LGNYhkJf-MwPUZA1Q1E9yNc6LtsyY&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf32675d31b1a1c0fc0c12965be148f0a193a3089fcbf31d86b4321e1d32908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 16:25:30 GMT
x-content-type-options: nosniff
age: 176452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28170
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 00:45:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 10 Jan 2024 16:25:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E6D6 32 KB
32 KB 174ms
77ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQDYWwxEH1E1XFjaeRWFWSlwnuBDQtklupCXIxKP25OhP4iGImkvMrRx6n-HAU&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a672e1fb6e4c3120a1f255a765721c64148eb33eacd746323fd9760d378a28a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:32:13 GMT
x-content-type-options: nosniff
age: 143649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32450
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 03:09:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 11 Jan 2024 01:32:13 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E6D6 36 KB
36 KB 132ms
36ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQctAscnvH_m6RYY5VTWTSXTnwJWV4V1-8Pzo4ocdlk5jLv7uhX5EiDo0d-0Bw&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264834371dc0ca19ab3356277f3d75ffb062d6162a6e257a83ece3d07fe3014a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:56:38 GMT
x-content-type-options: nosniff
age: 358184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36600
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 12:27:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Jan 2024 13:56:38 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E6D6 37 KB
38 KB 130ms
36ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTckDamuWAQsCwjDrbpBaOYk__m9NgwHgZXdpEhdbaLe_cvOxxvsH8dERJ2ppU&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e81b172bb49c05096feddfa9d5aeb37cc26fdbe3e23370a4069d8c983dae0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 16:36:56 GMT
x-content-type-options: nosniff
age: 175766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38341
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 00:51:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 10 Jan 2024 16:36:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E6D6 45 KB
45 KB 201ms
105ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTLNmvpD66YERFLfEIBdgXF6opRQlaYhrfisBu0chADtNmCH0Rd17fImUlmVw8&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8c98cfa6ec8606c05a0c25d5999c1ee5f425b2725355bbe43e12a9a7476d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 08:11:51 GMT
x-content-type-options: nosniff
age: 119671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46380
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 17:16:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 11 Jan 2024 08:11:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E6D6 40 KB
41 KB 136ms
38ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT-IHt-mjIrE8Lv5O4ITWI-3ahOFMKQIcn5YFhO7NUF6dp2Y_5muoaCMH9tjbY&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e37a75db68216769512d2de82d708ce40ae84ddaa1af1d9b2524de169153146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 21:38:39 GMT
x-content-type-options: nosniff
age: 157663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41355
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 18:06:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 10 Jan 2024 21:38:39 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E6D6 11 KB
12 KB 137ms
38ms Image
image/png 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQUpVgTbiF8VMwY4jyF-5GB00nIgDe848eyfG057XSqHkYZSzSl&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2231386c6844c21e35c2fc7364412685715d3bf71a0773f92df52f36a65a2341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:12:01 GMT
x-content-type-options: nosniff
age: 407661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11398
x-xss-protection: 0
last-modified: Wed, 31 May 2017 10:01:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Jan 2024 00:12:01 GMT

GET
H/1.1 200
OK / Show response
ip-api.igaming-service.io/ 305 B
561 B 204ms
150ms XHR
application/json 3.10.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ip-api.igaming-service.io/

Requested by

Host: intersc.igaming-service.io
URL: https://intersc.igaming-service.io/flaresenha.com.js?ver=2023112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.10.72.72 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-72-72.eu-west-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

282df3d7845ef5cc7a6fad733f6d2b2e25668bc901c319e1e6788e0337b5f105

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Jan 2023 17:26:22 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 305
Content-Type: application/json; charset=utf-8

GET
H3 200 container.html Show response
7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B1F6 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:20 GMT
expires: Fri, 12 Jan 2024 17:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/ 150 KB
51 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/reactive_library_fy2021.js?bust=31071383

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a17e959f3a5c459c62e05a0a7f1e0b238033be63f7ded467b6cc45e4b79fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52350
x-xss-protection: 0
server: cafe
etag: 4301784809556841107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:26:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 69ms
69ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
44ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 859 B
460 B 1673ms
1673ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1036440414456943&correlator=4195654113097133&eid=31071522%2C31071524%2C31071573&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=14&adks=2179566269&sfv=1-0-40&ists=1&fas=8&prev_scp=site%3Dflaresenha%26place%3Dinterstitial&cust_params=Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&sc=1&cookie=ID%3D6542688962915214%3AT%3D1673544380%3AS%3DALNI_MZAIhf96va07R0jmx60_Bmq5iqo0w&gpic=UID%3D00000bc021835991%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MY6u_pq_IoPNpgRWW8S8-p5-x_dPA&abxe=1&dt=1673544382038&lmt=1673530976&dlt=1673544380051&idt=647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tsNtPtKe7Up7gSNhSnMrAPaAzXQTWcI5YdQe5dOazj_7okAAn321RViY9bJGxMR7lauWaxM4Sge1fPlrsZh3A&ga_vid=741293778.1673544381&ga_sid=1673544381&ga_hid=2141775897&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa2e92d3af711dd6f3cb9191d282bd36baad3ea60fc15628a1e22ea350aace9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 431
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flaresenha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2023011101.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011101.js?cb=31071573

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 11:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13715
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 09:35:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Jan 2024 11:52:01 GMT

GET
H2 200 cebolinha-flamengo-fluminense-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/09/ 32 KB
32 KB 128ms
127ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/09/cebolinha-flamengo-fluminense-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 87a54aafe7240910365219da5a0bc911c4fca8ba6e350ea4480cf8639770e59d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Mon, 19 Sep 2022 23:35:36 GMT
server: nginx/1.20.2
etag: "6328fcc8-7e22"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 32290
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 marinho-festa-libertadores-flamengo-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/11/ 26 KB
26 KB 128ms
127ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/11/marinho-festa-libertadores-flamengo-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: b92d5a085caf121d414b29fdf089d31f62f0f56d2a4a4cee7bc1911e1a069c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Mon, 14 Nov 2022 14:36:42 GMT
server: nginx/1.20.2
etag: "6372527a-6723"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 26403
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 juan-quintero-9-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/12/ 25 KB
25 KB 129ms
128ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/12/juan-quintero-9-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 96cc37a1a24ac12d7af865422f9c32fb084fb4e856b150ab14ae68cfda27a58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Fri, 30 Dec 2022 12:42:06 GMT
server: nginx/1.20.2
etag: "63aedc9e-6455"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 25685
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 moedas-flamengo-350x250.jpg
www.flaresenha.com/wp-content/uploads/2021/10/ 29 KB
29 KB 129ms
128ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2021/10/moedas-flamengo-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: f5b1f81f8648d2f88d8f4cb6a67f3720a2f945b48f5c18a67c7e950d8a6fc3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Mon, 18 Oct 2021 23:42:02 GMT
server: nginx/1.20.2
etag: "616e064a-7479"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 29817
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 facundo-torres-orlando-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 21 KB
22 KB 130ms
129ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/facundo-torres-orlando-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: b0d0b58bae13b33cb602a85dc907aa3eda5a4784272e863b44f264ff2918f281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Thu, 12 Jan 2023 00:14:10 GMT
server: nginx/1.20.2
etag: "63bf50d2-5580"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21888
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 marinho-flamengo-2-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/11/ 22 KB
22 KB 130ms
129ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2022/11/marinho-flamengo-2-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: d798d98c12402372ca3f112eaa38de1100dcec9962067f2a4bdebb80fc71bb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Tue, 08 Nov 2022 14:25:55 GMT
server: nginx/1.20.2
etag: "636a66f3-56e1"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 22241
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 vitor-pereira-flamengo-2-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 17 KB
17 KB 130ms
130ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/vitor-pereira-flamengo-2-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 3f602d089f0225f9657d05d5263e6ff4aeb4bc3246c2bbb29f526d594e30f54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Tue, 03 Jan 2023 11:51:30 GMT
server: nginx/1.20.2
etag: "63b416c2-43e2"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17378
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 matheus-pereira-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 21 KB
21 KB 131ms
130ms Image
image/jpeg 190.89.239.168
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flaresenha.com/wp-content/uploads/2023/01/matheus-pereira-350x250.jpg
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us310.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 79dcec181adb8982eefb177ee35882829a7467698a3c9c296eac29fba4318d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
last-modified: Wed, 11 Jan 2023 23:46:21 GMT
server: nginx/1.20.2
etag: "63bf4a4d-5318"
vary: Accept
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21272
expires: Thu, 19 Jan 2023 17:26:22 GMT

GET
H2 200 1fa652aa70ababc78244f8b54c5f124c.js Show response
www.gstatic.com/mysidia/ Frame B1F6 9 KB
4 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4234
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:14 GMT

GET
H2 200 4a930f1d12175de7517f8d15f69bdfbf.js Show response
www.gstatic.com/mysidia/ Frame B1F6 19 KB
8 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8701138e15ab5c3379f8327d91cd2ed9524c961ca7f0bd3b91677e7f894c29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8006
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B1F6 2 KB
765 B 47ms
47ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H2 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame B1F6 5 KB
2 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 12:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 01:26:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 12:40:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame B1F6 22 KB
9 KB 48ms
46ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B1F6 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B1F6 18 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1F6 157 KB
48 KB 113ms
112ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:26:22 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame B1F6 33 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:00:08 GMT

GET
DATA 200
OK truncated
/ Frame E6D6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aefb1d90d1391ee5de46fb5c0f3f435ea4920ce1d44758cd26902a3299e249f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 72ms
71ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/ Frame 4F9B 10 KB
4 KB 47ms
47ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 22:15:59 GMT
etag: 10353107486223812946
expires: Wed, 25 Jan 2023 22:15:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 19A1 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B1F6 42 KB
42 KB 40ms
38ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ4-PXB7fc6VzvP6WKN84tWbQAH2W1hqhdvC_up_dfolc1zowGxdOdIdt1hZkw&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed1f08febd4d5cb89e121dcad39fcb6adc1ba86ffed538d2c3256429c32bddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 12:52:22 GMT
x-content-type-options: nosniff
age: 102840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42950
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 09:50:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 11 Jan 2024 12:52:22 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B1F6 23 KB
24 KB 38ms
36ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTrPClwnobD1niG8SYFWBFrAQRwav7rzKhwbXf_iLb8t8csxdT7bgMKXZCOjg&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b81f931e2816d1dc48fb29d19e06eae65262864a37069d04ab43caf106d3effb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:52:46 GMT
x-content-type-options: nosniff
age: 506016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24041
x-xss-protection: 0
last-modified: Sat, 22 May 2021 09:23:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Jan 2024 20:52:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B1F6 73 KB
74 KB 81ms
79ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQoDK3oQ3EcQgSbeyOEBVacSdewJP2R2Zlxt9DV0aujJ7Ap3OYXTF9smPcEtsY&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88800c7a31782acf39762b0f9f2e4038c2cd26748a7ab43f1d98d7bab34ac9f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:24:46 GMT
x-content-type-options: nosniff
age: 126096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75245
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 00:06:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 11 Jan 2024 06:24:46 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B1F6 38 KB
39 KB 41ms
39ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS2brGTxtff-1OTWDBsWN3gjs0HDKtL_d3VBdtRsk9YXKmZ1-hfKIze9fZf1A&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

521be7662ab9b44984e6673980040011718543c2d17681e9a146263677ee8bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 14:02:24 GMT
x-content-type-options: nosniff
age: 271438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39400
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 12:32:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 14:02:24 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B1F6 9 KB
9 KB 39ms
37ms Image
image/png 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRYoXgL_cH6TiCi377njmBG_0oRAuvht0SRKjZVkjI-1OBic9rk&usqp=CAI

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97de646e7610229dec212db13096c78b6e14ee4d192537d37cb03230c1a87b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 07:08:02 GMT
x-content-type-options: nosniff
age: 469100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9446
x-xss-protection: 0
last-modified: Wed, 31 May 2017 10:01:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Jan 2024 07:08:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B1F6 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgOWAvULAY8_LGo-O9fgPhIW08Au0ruO2bqzwtNy9ELz2sIqYOBABINbOt05gleKQgqAHoAGxtN_VA8gBCakCxtrxx_gNsj7gAgCoAwHIA8sEqgTtAU_Qkf2GcW_-DYdjILZmb1GvXEcbOiS-bT4b8qYk4bInNEPnATBUBW9ZEkVJMrD-o_BMhYtDHsCo9m8IutQv4JVzNE-ple5ZhYc2bI7QNPgHKmC5nIl_-4aO0R1rc2w2yiHFqc0p6nuM7eDK7k_u6yJwrHjEsnLWlhEhPAlGd_FG7HCkQdzp0IpzREPKkwK6PBOCI8pTvxSnVwyfK49CrgSOLgQbbnfeOv6eI01SqMAowOQ_yiKboIa-R6gBxCYkW1K12I9xjr_nNiEuqG-TpbeHRmvsEK3JEF8Bx1_Tu8dRZXpE9li_9hOjOrzFQcAEo8LGh5gE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8ml7xqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQudIC0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=BjVdKsQux8g&uach_m=[UACH]&cid=CAQSSwDq26N9f3QlfQq2_FWjd9CySXik1zNC1DpASrcUhSaUllCumDnW-hgZ57yTBvYK7F9VjSBj8o_Ewaoh4VayDMJCXRiz18FlZtm8IBgBIBM&template_id=494
Requested by: Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B1F6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b327f6c52345ab2f25d6ae3327917437183dd620456012c37b6b4d6e651d6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 4F9B 4 KB
636 B 128ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 16:01:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Jan 2023 17:26:22 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F9B 205 B
229 B 39ms
39ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 08:15:55 GMT
x-content-type-options: nosniff
age: 33027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jan 2024 08:15:55 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F9B 604 B
628 B 40ms
39ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 08:03:33 GMT
x-content-type-options: nosniff
age: 33769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jan 2024 08:03:33 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/elements/html/ Frame 4F9B 21 KB
9 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f51e1388aceb53ada250a106f306e0017dda3caf43e6d6cbf22f510fed41168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 22:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8964
x-xss-protection: 0
server: cafe
etag: 17890159814725282299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 22:14:25 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F6 0
20 B 139ms
138ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211111611000/ Frame 836B 221 KB
61 KB 166ms
46ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211111611000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fd2d072d360f865ff63c7413d9a59757dceaaa38294c939c848da2f5551b12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Jan 2023 18:12:53 GMT
age: 256409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61575
x-xss-protection: 0
server: sffe
etag: "096ddbd6e6cd221e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Jan 2024 18:12:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211111611000/v0/ Frame 836B 14 KB
5 KB 247ms
127ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211111611000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Jan 2023 18:12:53 GMT
age: 256409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5201
x-xss-protection: 0
server: sffe
etag: "0e2d67a193799b94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Jan 2024 18:12:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211111611000/v0/ Frame 836B 94 KB
28 KB 255ms
135ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211111611000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Jan 2023 18:12:53 GMT
age: 256409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28866
x-xss-protection: 0
server: sffe
etag: "61003bcde0ed5887"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Jan 2024 18:12:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211111611000/v0/ Frame 836B 5 KB
2 KB 272ms
152ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211111611000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Jan 2023 18:12:53 GMT
age: 256409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "d44263764bdab45e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Jan 2024 18:12:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211111611000/v0/ Frame 836B 40 KB
13 KB 273ms
154ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211111611000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Jan 2023 18:12:53 GMT
age: 256409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
server: sffe
etag: "9cd92599851d18a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Jan 2024 18:12:53 GMT

GET
DATA 200
OK truncated
/ Frame 836B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da02429bffc3f835cd905bdbeb9cda5d930c2dd173a2cc1b44363da4cd81ccde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1662952855414908220
tpc.googlesyndication.com/simgad/ Frame 836B 6 KB
6 KB 53ms
53ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1662952855414908220?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkBLWrrjvZFd95saH8Oi1BaWUHV-A

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c8fed2eb252b615b978715da6f9d319828a6f6f1cdf293483e38663ea4e6cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:07:18 GMT
x-content-type-options: nosniff
age: 19144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6447
x-xss-protection: 0
last-modified: Fri, 24 Dec 2021 08:58:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jan 2024 12:07:18 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 836B 3 KB
3 KB 52ms
52ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:24:02 GMT
x-content-type-options: nosniff
server: cafe
age: 7340
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Fri, 13 Jan 2023 15:24:02 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 836B 344 B
368 B 52ms
51ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 21:36:06 GMT
x-content-type-options: nosniff
server: cafe
age: 71416
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Jan 2023 21:36:06 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 836B 0
0 81ms
80ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvW2bvkLAY4SCAou-lgTN4ILwC5XT74puqs2nopQR3NkeEAEg1s63TmCV4pCCoAegAbL5qZUCyAECqQLG2vHH-A2yPuACAKgDAcgDCKoE9QFP0LW5T7irbXHeFvBkc2MdTCtHc62wY4F7K5uKGPrab4nxKVZN2wInubwkCFpAHmcnGI_rSEIOvytC1FQ_1QnOa4q4FY4jSdBwH3PqmThAS4E-V2wTjMeKa5dHRTcdAfRLGzKzqv_WbIaqUCCUeOC6xgMVnbEEIUkBEiCVjzqevRZMCKVhpX5VqCWFhH2PaeNnZX7yfLwNl79vnEMyjol6exRcXepZOVuRQtx9BKrvSflDd3-J92uhKMh4odelAOhMvmxg6ysG5nhI3Kol3qOnduUJWHqd_bmXoxc8hp9uSJAWmZejneD5YDt9eO0fdx94-dPWRMAEnqGrh5YE4AQBkgUECAQYAZIFBAgFGASgBgKAB7aG1uoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3OoB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=bRdTg_1rh90&uach_m=[UACH]&cid=CAQSTADq26N9nivRuq0M0BCJ6_FEraEr7Ne2z2ZT2atFzD3ZD0OuF6akvI6MviObPmOU7RvHAlF9ghU53P1qXOhKo93XmtCZYU3vCR44SlQYASAT
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 95E4 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6B0B 8 KB
895 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 16:07:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Jan 2023 17:26:22 GMT

GET
H3 200 delayed_impression_vu_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/elements/html/impression/ Frame 6B0B 19 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a4ce6bcfef7614312afd1f8f23633a60050137708210c8f5367479aa79cea79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8419
x-xss-protection: 0
server: cafe
etag: 5330895511543859659
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:34:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/ Frame 6B0B 2 KB
765 B 74ms
73ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 17:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 17:41:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/ Frame 6B0B 22 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f75e0333fb9d170052bdbcd219be104a1bd0e9079d0b142141c2ba13eafac957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 17:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8901
x-xss-protection: 0
server: cafe
etag: 498305096554648585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 17:41:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/ Frame 6B0B 3 KB
1 KB 75ms
74ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:27:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/ Frame 6B0B 18 KB
7 KB 68ms
67ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83fcdb72fe3be2adc50b25a9bb1733698cb9778d9be9efa7858a8b4ec9c52f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 8744528437073675987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 16:27:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6B0B 0
0 69ms
68ms Image
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJRTtqQHwBf2OowrvyJjx9s1hgjJec6boHCELbxAdvC-j9eSJvBvjIEgxmj1-U2xZaPcxie8gl2MszFOYfc4NvMPLFFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B0B 157 KB
48 KB 103ms
102ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:26:22 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame 6B0B 33 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 12:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 12:22:20 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F6 0
20 B 145ms
144ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKMQgEKi1teXNpZGlhX2FuYWx5dGljc19leHAyLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRAQIQAAAAAAEqdAMAQKDRARIQAAAABAJNNAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAGhmnnVAMAQKDRAUIQAAAABAJNNAMAQKDRAVIQAAAAAAAC5AMAQKDRAWIQAAAAAAACZAMAQKDRAYIQAAAAAAiHdAMAQKDRAyIQAAAAA0M-M_MAQKDRAzIQAAAAA0M_M_MAQKDRA0IQAAAAA0M_M_MAQKDRA1IQAAAAA0M_M_MAQKDRA2IQAAAAA0M_M_MAQKDRA3IQAAAAA0M_M_MAQKDRA4IQAAAADOzPw_MAQKDRA5IQAAAKCZmUVAMAQKDRA6IQAAAKCZ2UVAMAQKDRA7IQAAAGhmlnVAMAQKDRA8IQAAAGhmlnVAMAQKDRA9IQAAAAAAoHVAMAQKDRA-IQAAAM7MHHdAMAQKDRA_IQAAAGhmHndAMAQKDRBAIQAAAAAAsHdAMAQSGkNJLWVfTkxHd3Z3Q0ZROUhIUWtkaEFJTnZnIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB13 143 B
166 B 47ms
47ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:43:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1BA1 1 KB
643 B 35ms
35ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 12:11:39 GMT
etag: 48472445140208031
expires: Fri, 13 Jan 2023 12:11:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BA1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDPMWa7UNR-cYv8ju-WKqEM&google_cver=1&google_push=AavPq0MEc4CVgaD6ZHd9MkJCc9UInm9X_7a3i8f2T6huQIJXKHuThR9pazfGSFfWiIi5fMPYdfXOVMtKLYHMzxdx...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MEc4CVgaD6ZHd9MkJCc9UInm9X_7a3i8f2T6huQIJXKHuThR9pazfGSFfWiIi5fMPYdfXOVMtKLYHMzxdx4Uhq3AsfFTHiSg

170 B
232 B

44ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MEc4CVgaD6ZHd9MkJCc9UInm9X_7a3i8f2T6huQIJXKHuThR9pazfGSFfWiIi5fMPYdfXOVMtKLYHMzxdx4Uhq3AsfFTHiSg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 12 Jan 2023 17:26:23 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MEc4CVgaD6ZHd9MkJCc9UInm9X_7a3i8f2T6huQIJXKHuThR9pazfGSFfWiIi5fMPYdfXOVMtKLYHMzxdx4Uhq3AsfFTHiSg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 12 Jan 2023 17:26:22 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1BA1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECDJ2Dn5XuQ9Y-SjlRGflHo&google_cver=1&google_push=AavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECDJ2Dn5XuQ9Y-SjlRGflHo&google_cver=1&google_push=AavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQ...

43 B
441 B

194ms
183ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECDJ2Dn5XuQ9Y-SjlRGflHo&google_cver=1&google_push=AavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 788798c8ea0e90c1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3636
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECDJ2Dn5XuQ9Y-SjlRGflHo&google_cver=1&google_push=AavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoC7WdWjWHH3og2i4XoJi8p96aQoiclR6PXYCxyy0wfSwFXwMNqMb7MQSPpb5GVIWLul2ZuvDlplubrkFGK-39LT8kZRQZCBM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 788798c7984590c1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BA1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIuiPCJx8OQ0IrPa8nz-bdQ&google_cver=1&google_push=AavPq0Pl_zcVXJU1WmeqOXp66vDkIK1IisZmYtbPfQ-kZEdfkdU2MvA3sDXAH9FKn_Chd23lJ8Km9NOTkROQLIkigj_UsZb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Pl_zcVXJU1WmeqOXp66vDkIK1IisZmYtbPfQ-kZEdfkdU2MvA3sDXAH9FKn_Chd23lJ8Km9NOTkROQLIkigj_UsZbSU1_QPg&google_hm=eS1uS1VhX0FSRTJwRnp1...

170 B
232 B

44ms
44ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Pl_zcVXJU1WmeqOXp66vDkIK1IisZmYtbPfQ-kZEdfkdU2MvA3sDXAH9FKn_Chd23lJ8Km9NOTkROQLIkigj_UsZbSU1_QPg&google_hm=eS1uS1VhX0FSRTJwRnp1UjFWbTdQU3R6V3JKbkg5eDMzUH5B

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 12 Jan 2023 17:26:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Pl_zcVXJU1WmeqOXp66vDkIK1IisZmYtbPfQ-kZEdfkdU2MvA3sDXAH9FKn_Chd23lJ8Km9NOTkROQLIkigj_UsZbSU1_QPg&google_hm=eS1uS1VhX0FSRTJwRnp1UjFWbTdQU3R6V3JKbkg5eDMzUH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BA1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECn3CmxL7Bkzsk6RMRm7QTQ&google_cver=1&google_push=AavPq0MivSIWivseeNwyslYeu_kIRa7jz3KMkpEi5Ci4yl4e5oRfWdmFDRLnwXUOCz_KG8lYTDq...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENURDQ2MjgtMUotMVdPRw==&google_push=AavPq0MivSIWivseeNwyslYeu_kIRa7jz3KMkpEi5Ci4yl4e5oRfWdmFDRLnwXUOCz_KG8lYTDqIYtBzGStS9MCVZL9JCRPizrgB0XI

170 B
232 B

42ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENURDQ2MjgtMUotMVdPRw==&google_push=AavPq0MivSIWivseeNwyslYeu_kIRa7jz3KMkpEi5Ci4yl4e5oRfWdmFDRLnwXUOCz_KG8lYTDqIYtBzGStS9MCVZL9JCRPizrgB0XI

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENURDQ2MjgtMUotMVdPRw==&google_push=AavPq0MivSIWivseeNwyslYeu_kIRa7jz3KMkpEi5Ci4yl4e5oRfWdmFDRLnwXUOCz_KG8lYTDqIYtBzGStS9MCVZL9JCRPizrgB0XI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BA1
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEunNnU8GAnL5K2OIsnTGqA&google_cver=1&google_push=AavPq0Ou0D5_tkcNZrv_QMzwe5Q3cRU9964dvHHDcGFubBHnON4n1sCbczKTVn9LfckKu9zm85tlG2ugk2l6vb60...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Ou0D5_tkcNZrv_QMzwe5Q3cRU9964dvHHDcGFubBHnON4n1sCbczKTVn9LfckKu9zm85tlG2ugk2l6vb60U9K6FoJZwHHg6A

170 B
502 B

73ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Ou0D5_tkcNZrv_QMzwe5Q3cRU9964dvHHDcGFubBHnON4n1sCbczKTVn9LfckKu9zm85tlG2ugk2l6vb60U9K6FoJZwHHg6A

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 12 Jan 2023 17:26:22 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0Ou0D5_tkcNZrv_QMzwe5Q3cRU9964dvHHDcGFubBHnON4n1sCbczKTVn9LfckKu9zm85tlG2ugk2l6vb60U9K6FoJZwHHg6A
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Uic2to70iN74PtDODvrjU45gbHJuMbExfTdLe537LO7Emr_cdg39FQ==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BA1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE5pq1NJH_QOKAJI_EPSwfM&google_cver=1&google_push=AavPq0NXNcB0w10qxmyhqQmM2iXuHbdDSwYkE47gQphFjuL4iET2OQ7UYzYscO3womHjA2rP0ZggNe2-OXC8...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NXNcB0w10qxmyhqQmM2iXuHbdDSwYkE47gQphFjuL4iET2OQ7UYzYscO3womHjA2rP0ZggNe2-OXC8cY0hOOTgHYtz2QGGoQ

170 B
232 B

44ms
44ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NXNcB0w10qxmyhqQmM2iXuHbdDSwYkE47gQphFjuL4iET2OQ7UYzYscO3womHjA2rP0ZggNe2-OXC8cY0hOOTgHYtz2QGGoQ

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NXNcB0w10qxmyhqQmM2iXuHbdDSwYkE47gQphFjuL4iET2OQ7UYzYscO3womHjA2rP0ZggNe2-OXC8cY0hOOTgHYtz2QGGoQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1BA1 0
75 B 150ms
26ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPbAlvLHkf80tlcF-5zDesw&google_cver=1&google_push=AavPq0MO5bHYK0TVkJk_E53OAda9XmGCb651WhV_2yV61cKV7YfBWBkx4krl3GyTH19IE9OA_igWdZyZLbNMgqe3rKssxnuvp9ByadQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1BA1 0
50 B 132ms
46ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I75U14kFfmzD-8sYKjRFYtkrSeXTaq-AID8KnccW9xhBFxaorJd5G4Tiipy38sX2MfkCb9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB13
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

84ms
84ms

Document
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:22 GMT
expires: Thu, 12 Jan 2023 17:26:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame CE7F 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 836B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

87ms
86ms

Image
text/html

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H3
Server: 2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Thu, 12 Jan 2023 17:26:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
BLOB 200
OK d2ce8ccf-3fd3-4827-9f37-5438b3e68aeb
https://www.flaresenha.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.flaresenha.com/d2ce8ccf-3fd3-4827-9f37-5438b3e68aeb
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK c542feb4-50ea-4479-8f68-6b9ecfe5ac5f
https://www.flaresenha.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.flaresenha.com/c542feb4-50ea-4479-8f68-6b9ecfe5ac5f
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
82ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aad6dddb6c1a00218a5ba24dc48fd1adc25f0e5ff9035952d45a455e2e18163e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11039
x-xss-protection: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 66ms
31ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 18:06:37 GMT
content-encoding: gzip
age: 83986
x-guploader-uploadid: ADPycdtbRryPjcqDqFqhN7E4Tg8TgZSD-5kd2U4AsgJtFi_WrLIj1QcfnAi9x17szwwNgtKdmZgHBzIiyYpDUTMP6jgAy32zsTJA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Thu, 12 Jan 2023 18:06:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 524ms
524ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:26:23 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
66 B 41ms
27ms Script
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1673544383169548756583&uniqId=0e3c0&lct=1671667200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.flaresenha.com%2F&lu=https%3A%2F%2Fwww.flaresenha.com%2F&sessionId=63c042bf-113ae&pageView=1&pvid=185a704bac19a666c44&site=836414&implVersion=11&dpr=1&tfre=2861
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798caefd72c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 30ms
29ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:27:24 GMT
content-encoding: gzip
age: 25139
x-guploader-uploadid: ADPycdsePdLQ8atzL_tIbvAgtywdDQc-MtfBr3m25llPk1DBv9oa_wjb4Av99-YBpfaNwxOCc0-OxsjjJzQTXiBhMUzVvA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:27:24 GMT

GET
BLOB 206
Partial Content df083211-a103-43e6-b881-721005bab5a6
https://www.flaresenha.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.flaresenha.com/df083211-a103-43e6-b881-721005bab5a6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 38ms
16ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 4939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 788798cb18282c1b-FRA
expires: Fri, 13 Jan 2023 17:26:23 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
814 B 38ms
17ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 788798cb18232c1b-FRA
expires: Fri, 13 Jan 2023 17:26:23 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 76 B
518 B 212ms
131ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf9f75b6ec7ff8a6d1e6a8d9ff50a4dcca7216ea916d53de5e464316a50a0a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E6D6 42 B
64 B 143ms
142ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvItj-38b9oBzI1AlYr24qfreNTNSEyCyg4357aG2IdnO5UsUXqnEaGskKDpQXDn99LkAYOxDneimV7cChQD2Dlrc0D3TZ_1BGZe8_pMtHuai9nlCLp_10fVCGGzENBIXcKUAc1ew&sai=AMfl-YS8deaiqYmgVOGwEpRW2eW8On5WgM6wbvhAUJrmE8JC9r0MCuArfwIgWxkpx8yv_ENHvJP4Cuso26faK1SiDixAIW10hGVCNtau9AF7uF0exPQb7ds4tDFNBVUuoatrYVxVF3Vt1sR2r99bchE&sig=Cg0ArKJSzCErDo0fNPWWEAE&cid=CAQSSwDq26N9z1fRG9-lIuCgTqIr7Y2JhoLfKp8HQ39fnJXMMyyC8Noc_WKKGeexJfk46L-F29TQm0VzXFmwn21rp3SSFADcZxMPEzeOWRgBIBM&id=lidar2&mcvt=1009&p=394,500,539,1470&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3155775495&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673544381649&rpt=531&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1374018/ 15 KB
5 KB 69ms
54ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1374018/1?pv=5&cbuster=1673544383252855961101&uniqId=0e3c0&lct=1671667200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1260&h=4513&maxw_7=336&maxh_7=279&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fwww.flaresenha.com%2F&lu=https%3A%2F%2Fwww.flaresenha.com%2F&sessionId=63c042bf-113ae&pageView=1&pvid=185a704bac19a666c44&implVersion=11&dpr=1&tfre=2944
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5e21fa33ea60ffb62947bf062ca4fd3143e0d7f69add58a0555e346b858b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 788798cb68a92c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 4939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 788798cbda5d2c41-FRA
expires: Fri, 13 Jan 2023 17:26:23 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 25ms
25ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 788798cbda612c41-FRA
expires: Fri, 13 Jan 2023 17:26:23 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zODgxNTEvYzFmN...
s-img.mgid.com/g/14007715/492x277/-/ 42 KB
43 KB 58ms
32ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14007715/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zODgxNTEvYzFmNTY5MTYzYzIyYTA5OGIyZjBjNmZhNDIxM2RlNWMuanBlZw.webp?v=1673544383-DME2yzA2jDmSxE8Jhllnvde60TXuOFTqYw9XVK5cXug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b7424970f4e1af0965d045736de4d7703182694a8911bf2a1101a12e8146a7d

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 11:06:32 GMT
x-mg-request-uuid: 8c53e0ec-8d09-4c2e-ac09-b87957c068a0
server: cloudflare
age: 195591
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cbfa742c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43364

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xNDY4ODQvOWM0NGI1MDkxNmU0YmMwZ...
s-img.mgid.com/g/10630752/492x277/-/ 15 KB
15 KB 67ms
42ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10630752/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xNDY4ODQvOWM0NGI1MDkxNmU0YmMwZmIyMDM4YTUxYWFhY2U3MmEuanBn.webp?v=1673544383-HbvNabrTL7ffqZTijv1Y6yKx3HjevVcLUG3e6djQeZc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c42bcd5f87a7bb474c1e38471ce2ae52169181ea9ede12f2e538d1992de56e8

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 09:37:16 GMT
x-mg-request-uuid: b9a7f9a7-d191-457c-a3bc-e8d5db82e13f
server: cloudflare
age: 741175
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cbfa7c2c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15358

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC80NzI3NjAvZGEwY...
s-img.mgid.com/g/14701459/492x277/-/ 6 KB
6 KB 58ms
33ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14701459/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC80NzI3NjAvZGEwYWY3NjVkNTM5NjRmZmZmMTM3NjcyMThhMjgzNzQuanBlZw.webp?v=1673544383-5PBzGxUg92cSDBtc0WqXVcMwL-1lgjY0nMT0hiyiF7g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8113780bd512b317faf7c7f707e4da322adcd057bd6c71a523e4cc9faa4b5819

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 10:53:56 GMT
x-mg-request-uuid: 9c6e1a02-c942-47c5-b65f-0f346bd72bb3
server: cloudflare
age: 741611
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cbfa832c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5768

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMjAxODUvNTc1M...
s-img.mgid.com/g/15091045/492x277/-/ 35 KB
35 KB 58ms
33ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15091045/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMjAxODUvNTc1M2ZkZjY4NGM1Yzk5ODNiNTUxMDQzZjc3OGQwZWQucG5n.webp?v=1673544383-YTEuXrnH5DyZZu8d32-2MCCdrHj5Tng8wdo-d4FRI_k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4522ca6cd5ed4798ee9ae984b786cce6a5a9b01c67bab71208c22913bb238439

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 12:33:28 GMT
x-mg-request-uuid: 0f66f480-1877-4cff-b852-997413fb4b67
server: cloudflare
age: 190294
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cbfa862c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35836

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMjAxODUvMzRlY...
s-img.mgid.com/g/15058538/492x277/-/ 15 KB
15 KB 56ms
31ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15058538/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8yMjAxODUvMzRlYzkwYjU5YzFlMjE2MjhmZTQzMGZkOWQ1NjQ4MTUucG5n.webp?v=1673544383-mR1h1km4PCM-lK-jhvmjsHWinWMSRB9Dnc0ffAJzwwY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53db0d9868aa78298674013a390b4496755b0ae386bcfc529cfcd620d0656970

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Jan 2023 15:00:22 GMT
x-mg-request-uuid: bf097918-b56d-4ef1-8321-5acfecac5134
server: cloudflare
age: 613524
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cbfa892c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15492

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvODg1N...
s-img.mgid.com/g/12658922/492x277/-/ 23 KB
23 KB 58ms
33ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12658922/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvODg1NWY3OGNjNWUxNDAyYzQ2YmViNDUyZDQ4Y2E5MjkuanBn.webp?v=1673544383-lIqGxkXxuejwVv0oV3ZcyhjvIYpnNKqFY5Mbc-7cn9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c2ac986201217f1574d4f955599ce363f44e6fcb3eef4184fb6a21539441af

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Apr 2022 23:29:29 GMT
x-mg-request-uuid: 247fd297-e8f8-4711-9521-9654a205e8c4
server: cloudflare
age: 712817
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cbfa8e2c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23704

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80NDU0NDQvZmNiZ...
s-img.mgid.com/g/14987703/492x277/-/ 23 KB
24 KB 37ms
37ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14987703/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80NDU0NDQvZmNiZDI2YWNhYjU1YjMyZWUwYjRjZTRmNzU3OWIwYTUuanBlZw.webp?v=1673544383-TJlaQbVL3_hxt9pkgxy3y4uPmJmMjDaethum6dvWfT4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee161e75bab5b4f62dd74e13636d7d3357b2623aa371bcaeea664142fea1f631

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 08:23:29 GMT
x-mg-request-uuid: 35924c89-0054-4eb8-a580-7ab8c3c13921
server: cloudflare
age: 550546
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0a8f2c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24026

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80NDY5MjcvNDE2ZWQ0MmEyNDhhYjc3Z...
s-img.mgid.com/g/11613777/492x277/-/ 19 KB
20 KB 32ms
31ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11613777/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80NDY5MjcvNDE2ZWQ0MmEyNDhhYjc3ZjNhNGIxMzhhODYyMTM3ZTMuanBlZw.webp?v=1673544383-0H842iayXgmimffJ6nbN6oa4P8MUJ5FVUg5JBo0ot-g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d56c3df75ebee23cca9b8070e9432451fd370aa1e409247f88c47b8a4cda09

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 13:17:42 GMT
x-mg-request-uuid: e615c4d0-276c-4ee6-bbf6-19ba22e001e6
server: cloudflare
age: 741473
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0a932c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19872

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMzQ0NTM4LzViMzdlZTVjMjg4OGE2MmZlNDQ2NTY5ZTRjY2UzMmI2LmpwZw.webp
s-img.mgid.com/g/6494490/492x277/0x0x492x277/ 9 KB
10 KB 31ms
30ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6494490/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMzQ0NTM4LzViMzdlZTVjMjg4OGE2MmZlNDQ2NTY5ZTRjY2UzMmI2LmpwZw.webp?v=1673544383-LoaMn79mHFd58yjQv0OIEthtKLfmb49ZYRCGY0ffZv8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a74325135c617201d35fc332689dfa3c976d6e20ecf067a291d1fcab189f79a0

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 01:29:07 GMT
x-mg-request-uuid: f2941d9a-c8c5-4c55-8a00-fdf437da8f58
server: cloudflare
age: 741912
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0a9c2c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9418

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC83MTExMjYvM2M5O...
s-img.mgid.com/g/13813992/492x277/-/ 19 KB
19 KB 37ms
37ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13813992/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC83MTExMjYvM2M5ODRlNmM2ZWJmOWE3ZGFkNzI2NjU0M2U5NDRmZjMuanBn.webp?v=1673544383-GGIsSBlF6HjeSIJSVql2FRUW2x5ATYOQq2Za6K45YT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263c4fc9e5cd140d6a05b6a69429e70bf47b494701d07d4814294f88d3742596

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Jan 2023 09:09:43 GMT
x-mg-request-uuid: 14250222-547e-4893-be98-ba9bb9ed812d
server: cloudflare
age: 465313
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0a9f2c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19264

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjk0LHlfMzI0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwL...
s-img.mgid.com/g/14339863/492x277/-/ 18 KB
19 KB 25ms
24ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14339863/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjk0LHlfMzI0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzMxMDE0MS9jMTIzYjAyZmQwZTUxYjgyODRlNTIzOTJjMzc1NjU4MC5qcGc.webp?v=1673544383-i8lbWWPZkGkT5OO98822mf0r-Isd5OGsGXq_vXY2OQg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76500fd6c6f9f00c027f2eed09ec3ffc748b6b6ab777225bc6347af08b0c6740

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 22:55:20 GMT
x-mg-request-uuid: acee139f-5c05-4d94-a34b-efc362c89995
server: cloudflare
age: 288514
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0aa32c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18626

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi81MzA0NTMvZDM3NmUzYjRmYWY5N2IyM...
s-img.mgid.com/g/14007713/492x277/-/ 18 KB
18 KB 24ms
23ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14007713/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi81MzA0NTMvZDM3NmUzYjRmYWY5N2IyMmY5YzhhYWJmMzNkMmQyNDMuanBlZw.webp?v=1673544383-AXU0lOy_6rwV3y-2yuxbUtx7ITx1DSYe9wWlGgB4-Zc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29db74a209ff5cead579cf4b7afc2350aa8a9c9bea7220420e5dcf3b9fef612f

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Jan 2023 04:07:25 GMT
x-mg-request-uuid: d673eb76-2f5f-4fe8-8996-e8efae88d84a
server: cloudflare
age: 134207
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0aa42c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18330

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS80NjY0ODAvYmM1M...
s-img.mgid.com/g/15061857/492x277/-/ 21 KB
21 KB 37ms
36ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15061857/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS80NjY0ODAvYmM1MGJhMmYwZWIzOWViZDZiOTY3MjY3ZmU1NmQwOWQuanBn.webp?v=1673544383-9wggFH1PJCYTkr_cX0izeJBkaf4c5m628MlQxLmwyHY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f861450362ca75abe1a24e3c62f8dc33b8c36446535a5536170ce59845f6163

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Jan 2023 13:36:38 GMT
x-mg-request-uuid: 78ed7b42-0de6-4a88-8dd4-41c5dc462bdd
server: cloudflare
age: 618584
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0aa52c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21340

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzMxMDE0MS81MWJmNmNlNTU4NDg5NzlmZjRiN...
s-img.mgid.com/g/9355708/492x277/-/ 13 KB
13 KB 46ms
45ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/9355708/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzMxMDE0MS81MWJmNmNlNTU4NDg5NzlmZjRiNDFlNjM1YmU1YWQ1NC5qcGc.webp?v=1673544383-Toj0KR11dgbwSkyvlWAu2kyNAiSE4jUqIn7e1UWiUE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c184938868342f29fb32d3fe9be380ed171a0dc25fac11fe3c3e358968098f7a

Request headers

Referer: https://www.flaresenha.com/
Origin: https://www.flaresenha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:01:30 GMT
x-mg-request-uuid: a3d2348d-2cd1-4754-af92-6289bb5374af
server: cloudflare
age: 288974
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 788798cc0aa72c6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12958

GET
H2 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2Fcec38fd38402292f587eb98661cc6fde.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_improve,f_mp4,fl_lossy,g_faces:auto,w_960/ 510 KB
0 63ms
32ms Media
video/mp4 2606:4700:4400::ac40:9040
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_improve,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2Fcec38fd38402292f587eb98661cc6fde.gif?v=1673544383-rqLw988HiReGCicbXscxmFaVx3fRp-oYTPfJaK2DV7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9040 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flaresenha.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6809477
Content-Range: bytes 0-1249483/1249484
server-timing: fastly;dur=30892;cpu=1;start=2022-10-25T21:54:35.337Z;desc=miss,rtt;dur=0,cloudinary;dur=40799;start=2022-10-25T21:54:25.416Z,cld-id;desc=26b4c0bcb7f5428c56a3f046b7b209f1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1249484
x-request-id: 26b4c0bcb7f5428c56a3f046b7b209f1
last-modified: Tue, 25 Oct 2022 15:46:28 GMT
server: cloudflare
etag: "8964594314ee2281aa6ec87a1efa4452"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 788798cc2a4d9b4b-FRA
expires: Fri, 12 Jan 2024 17:26:23 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 0
37 B 123ms
108ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1673544383370338978157
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 788798cc2a3b2c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame F75C 0
101 B 107ms
106ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1673544383385128501429
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 788798cc2a382c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 51ms
20ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: 1NVMKK1BBM9ZT45J
age: 2781
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 788798cc6b705c5c-FRA
x-amz-id-2: tdUk6Et9OPSzOQ9Oq18jtd8w3lzSYaYgDEQjnUGw4XzWRK0nOIIl+WDtBhEdmcBuMyWN6vGNXV8=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 227 KB
72 KB 79ms
20ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=155899
accept-ranges: bytes
content-length: 73257
expires: Sat, 14 Jan 2023 12:44:42 GMT

GET
H3 200 1374018 Show response
servicer.mgid.com/vpaid/ 966 B
851 B 36ms
36ms XHR
text/xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/vpaid/1374018?pl=1&w=679&h=382&maxduration=30&dnt=0&page=https%3A%2F%2Fwww.flaresenha.com%2F&uspString=1---&consentData=&format=outstream&schedule=pre&ref=www.flaresenha.com
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14156e33fd0fdea126751e307aefbe233770a38b834dd08f5a304db2acd7b080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.flaresenha.com
access-control-allow-credentials: true
cf-ray: 788798cc7baf2c41-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2Fcec38fd38402292f587eb98661cc6fde.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_improve,f_mp4,fl_lossy,g_faces:auto,w_960/ 4 KB
4 KB 20ms
19ms Media
video/mp4 2606:4700:4400::ac40:9040
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9040 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c77aa9e0958720a201b24e63c2218fd19d7e90acbbc3eca242deae5d2cedfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flaresenha.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=1245184-

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6809477
Content-Range: bytes 1245184-1249483/1249484
server-timing: fastly;dur=30892;cpu=1;start=2022-10-25T21:54:35.337Z;desc=miss,rtt;dur=0,cloudinary;dur=40799;start=2022-10-25T21:54:25.416Z,cld-id;desc=26b4c0bcb7f5428c56a3f046b7b209f1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4300
x-request-id: 26b4c0bcb7f5428c56a3f046b7b209f1
last-modified: Tue, 25 Oct 2022 15:46:28 GMT
server: cloudflare
etag: "8964594314ee2281aa6ec87a1efa4452"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 788798cc8b0f9b4b-FRA
expires: Fri, 12 Jan 2024 17:26:23 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 158 B
600 B 134ms
134ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=3&tU=0100007FBF42C0639F06118D02EEBA08&tX=b.52&tZ=336035220&env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 91cd24f1d5727cad10c927818b02e5f421f125dca1f51588b5db2efffb38b725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 mgvpaid.umd.js Show response
video-native.mgid.com/scripts/ 172 KB
41 KB 153ms
58ms Script
application/x-javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 01071bb08b79154be460ff8abdc0940ec4b7b7868c758fa223cbc73a9809812f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-id: fr5-up-gc11
date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 07:49:06 GMT
server: nginx
etag: "2af28-5f1f83c2764eb-gzip"
vary: Accept-Encoding
x-cached-since: 2023-01-11T07:49:15+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 41719
expires: Thu, 11 Jan 2024 07:49:14 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
405 B 93ms
28ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

86fd090422d6b1a47241fa6fdc745d3663e8a40cb2789bc6f3ce6256ef60397f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flaresenha.com
date: Thu, 12 Jan 2023 17:26:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
286 B 346ms
13ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

521bebd3fb5ab20844f2585f55a12596f88a3748fb88e3a8aab413697fd664e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flaresenha.com
date: Thu, 12 Jan 2023 17:26:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H3 206 http%3A%2F%2Fimghosts.com%2Ft%2F2022-02%2F101924%2Fcec38fd38402292f587eb98661cc6fde.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_improve,f_mp4,fl_lossy,g_faces:auto,w_960/ 740 KB
741 KB 48ms
47ms Media
video/mp4 2606:4700:4400::ac40:9040
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9040 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695dc4ea641ed0d50d72d3d364055f6a01b6f15881251a0f3b9acec5d2807b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flaresenha.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=491520-

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1758922
Content-Range: bytes 491520-1249483/1249484
server-timing: akam;dur=42432;cpu=42231;start=2022-10-25T21:55:02.358Z;desc=miss,rtt;dur=96,cloudinary;dur=22;start=2022-10-25T21:55:44.627Z
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 757964
last-modified: Tue, 25 Oct 2022 21:55:07 GMT
server: cloudflare
etag: "8964594314ee2281aa6ec87a1efa4452"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 788798ccdb612be9-FRA
expires: Fri, 12 Jan 2024 17:26:23 GMT

GET
H3 200 container.html Show response
7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FBA0 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:20 GMT
expires: Fri, 12 Jan 2024 17:26:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca Show response
tt-11382-4.seg.t.tailtarget.com/ 83 B
344 B 180ms
139ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=359138454&env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 87a9a3288101824a61d7605def89bafe8c4a2527e6530aa76e0a493ef1f0ed6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 mgvpaid.css
video-native.mgid.com/mgPlayer/css/ 945 B
530 B 21ms
21ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgvpaid.css
Requested by: Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-id: fr5-up-gc11
date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 10:33:43 GMT
server: nginx
etag: "3b1-5ead3ed4f0fb5-gzip"
vary: Accept-Encoding
x-cached-since: 2023-01-10T14:52:32+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 389
expires: Wed, 10 Jan 2024 14:52:32 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
167 B 24ms
24ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?iid=1374018&e=initad&c=78345&o=%7B%22uuid%22%3A%223c6ac3de-929e-11ed-8a54-e43d1a2a04aa%22%2C%22muidn%22%3A%22-%22%2C%22build%22%3A%22202301110749%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798ce3fc72c41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C42 13 KB
5 KB 48ms
47ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 07:40:24 GMT
expires: Fri, 12 Jan 2024 07:40:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1473 783 B
535 B 71ms
70ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ef07d248a6c912acb38ef583f27f161483a4b11e89f9b5987a27b14792b6c23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rCVd6Z1Ia6d4l7li-3kyQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-rCVd6Z1Ia6d4l7li-3kyQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:26:23 GMT
expires: Thu, 12 Jan 2023 17:26:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame FBA0 4 KB
621 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 16:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Jan 2023 17:26:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame FBA0 2 KB
775 B 47ms
47ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FBA0 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpt4Hv0LAY-H_D8y_lgTa4KiwAvnk6sVtrr_Ft6YNpuDPzbQQEAEg1s63TmCV4pCCoAegAbC6odcDyAEJqQLG2vHH-A2yPuACAKgDAcgDywSqBOoBT9BWMWR2o3U0z8oJtRD3kVGdzIuFAC5Vu8uuAhSitN-G4GqDRzdx5jftlEJ90_tVzLRc3Q1r1PnuunaruvrYMzmkFIHJxLUrxcQhtZhGykDMIjEg2jEByMtrgrcnnNhFsijn4XR2UbCQRyvgH414mDYmNvkHDMs8zB5a-zYD_xqhRBicWF3pns6P8po0rhXYcelw09WMxyzc3qy7jsUtQroRgPdeUeXkI9yA0fnHF-Q-Kj0d-8BWNXOulZaS-3IpRidUOd4brrNmQmTyd8RTe9bZH6EVVQd_cx4c9eKWlo7H55y7dDxiWi8AwATxqf3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC97gHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA0ODcxMzE5NzI1Mzg1MYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=a1B6QvrdO7g&uach_m=[UACH]&cid=CAQSPADq26N9a5Y_dWEbpLQb90UKJxUKKBeAW_0lPVOR7Aqm5f3UjcRV01XZWcFlny_rjhjRzAhD23dLcAB3wxgBIBM&template_id=494
Requested by: Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame FBA0 22 KB
9 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame FBA0 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame FBA0 18 KB
7 KB 49ms
49ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Jan 2023 19:08:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FBA0 0
0 69ms
69ms Image
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZK6VSA1k5JVE19RtqnTa1ZiaNUZXq0kKXRPM9tr66G50dcK9BTkIPZWCoLTci3cqubDhoDq2S5hET2jExyn_W1lxW9Q
Requested by: Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBA0 157 KB
48 KB 92ms
91ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 17:26:23 GMT

GET
H3 200 1507d5c23d710c2e70b81f354fbf7065.js Show response
www.gstatic.com/mysidia/ Frame FBA0 33 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 12:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 20:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 12:22:20 GMT

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ 7 B
251 B 54ms
9ms XHR
text/xml 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CHANNELID=62827ca509209d7ca37e9066
Requested by: Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7
expires: Thu, 12 Jan 2023 17:26:23 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
167 B 26ms
26ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?iid=1374018&e=requestad&cin=0&h=IOD7CBKbDm8iaVmT-vW8HzVhnk0Oh9tFQ-gBBokGYmNrfEr_ImcLxavSQyKt2y9LPOV5Aap7p-wQzaMMHz4dPQ**&c=58522&o=%7B%22uuid%22%3A%223c6ac3de-929e-11ed-8a54-e43d1a2a04aa%22%2C%22muidn%22%3A%22-%22%2C%22build%22%3A%22202301110749%22%2C%22index%22%3A0%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798ceb8b62c41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame FBA0 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame FBA0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

48ms
48ms

Image
image/png

2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:11:52 GMT
x-content-type-options: nosniff
age: 170071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jan 2024 18:11:52 GMT

Redirect headers

date: Thu, 12 Jan 2023 12:34:15 GMT
x-content-type-options: nosniff
server: cafe
age: 17528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Feb 2023 12:34:15 GMT

GET
H2 200 bridge3.551.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C9E1 694 KB
223 KB 51ms
47ms Document
text/html 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b4ed6bb59d1c0c75a130ca947ef90a06e253c7e8b841810b68c24d24fe6b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flaresenha.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227828
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 21:13:12 GMT
expires: Thu, 11 Jan 2024 21:13:12 GMT
last-modified: Mon, 09 Jan 2023 15:17:00 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 213ms
83ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Jan 2023 17:26:23 GMT

GET
H3 200 volume_off.png
www.gstatic.com/dfp/native/ 3 KB
3 KB 39ms
38ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:19:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 79605
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Jan 2024 19:19:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 76ms
75ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 215 B
627 B 40ms
8ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

510b4fd644de37e9d42f9319b9e4e2d574925cd9521a20c28068f8db755bc2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.flaresenha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flaresenha.com
date: Thu, 12 Jan 2023 17:26:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C42 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1473 0
0 136ms
136ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=1036440414456943&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ 7 B
251 B 10ms
9ms XHR
text/xml 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=59f9ead1073ef4627e1810fd&AV_CHANNELID=62827ca509209d7ca37e9066
Requested by: Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://www.flaresenha.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7
expires: Thu, 12 Jan 2023 17:26:23 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
167 B 35ms
34ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?iid=1374018&e=requestad&cin=1&h=IOD7CBKbDm8iaVmT-vW8HzVhnk0Oh9tFQ-gBBokGYmNrfEr_ImcLxavSQyKt2y9LPOV5Aap7p-wQzaMMHz4dPQ**&c=61709&o=%7B%22uuid%22%3A%223c6ac3de-929e-11ed-8a54-e43d1a2a04aa%22%2C%22muidn%22%3A%22-%22%2C%22build%22%3A%22202301110749%22%2C%22index%22%3A1%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798cf39cc2c41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 164F 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 12:11:39 GMT
etag: 48472445140208031
expires: Fri, 13 Jan 2023 12:11:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FBA0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90838cf1ec34a515f0004c0fceb953eb68e59883007bbfe6eef3a8aee717f396

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FBA0 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 09:07:05 GMT
x-content-type-options: nosniff
age: 461958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 09:07:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 164F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEM0KXPGigGy5gxzCD32qd60&google_cver=1&google_push=AavPq0M2KksoOWBMhfSD1-5z0AS14S-Q2rn61ZfAgwkd8LgB823WQjfhi-ePvCk9vGR721BLlvCds31Rtbl2TZ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NzgxODM5NzY4NjgyMzA2NA%3D%3D&google_push=AavPq0M2KksoOWBMhfSD1-5z0AS14S-Q2rn61ZfAgwkd8LgB823WQjfhi-ePvCk9vGR721BLlvCds31Rtbl2TZUPDO...

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NzgxODM5NzY4NjgyMzA2NA%3D%3D&google_push=AavPq0M2KksoOWBMhfSD1-5z0AS14S-Q2rn61ZfAgwkd8LgB823WQjfhi-ePvCk9vGR721BLlvCds31Rtbl2TZUPDOezuJCJxcbFgxH6plZw7MOnlUWFdlpLPBGsfbwzGgPnRzxklMEHn5RF

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NzgxODM5NzY4NjgyMzA2NA%3D%3D&google_push=AavPq0M2KksoOWBMhfSD1-5z0AS14S-Q2rn61ZfAgwkd8LgB823WQjfhi-ePvCk9vGR721BLlvCds31Rtbl2TZUPDOezuJCJxcbFgxH6plZw7MOnlUWFdlpLPBGsfbwzGgPnRzxklMEHn5RF
Date: Thu, 12 Jan 2023 17:26:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 164F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELlquYQuWUOGnTSUIQc7K6Q&google_cver=1&google_push=AavPq0PMr-f73m_5Tnll3C66vKv7XB6UM929ylmQeY8SDx_oPqNq_kv-9nMAW1tgKGxt03eHSxUaQ_dLEUGP0daee_-o...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELlquYQuWUOGnTSUIQc7K6Q&google_cver=1&google_push=AavPq0PMr-f73m_5Tnll3C66vKv7XB6UM929ylmQeY8SDx_oPqNq_kv-9nMAW1tgKGxt03eHSxUaQ_dLEUGP0d...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1add9d21-1d36-4c5a-9864-15d7546bf799&ssp=google&gdpr=&gdpr_consent=

43 B
356 B

116ms
41ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1add9d21-1d36-4c5a-9864-15d7546bf799&ssp=google&gdpr=&gdpr_consent=
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1add9d21-1d36-4c5a-9864-15d7546bf799&ssp=google&gdpr=&gdpr_consent=
date: Thu, 12 Jan 2023 17:26:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 164F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGscmcuxw9qc_dMgrsBgwm0&google_cver=1&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIoAi...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGscmcuxw9qc_dMgrsBgwm0&google_cver=1&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NTc0Nzg1ODQwNDE1NjQwOQ&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIo...

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NTc0Nzg1ODQwNDE1NjQwOQ&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIoAiLhN9tu8xNzeql5QLDp16RM2UI2P_xZN4rhc0YSXoVib1YIZi7FYHL-J9uURgb_X2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ5NTc0Nzg1ODQwNDE1NjQwOQ&google_push=AavPq0PKgJIAoJ0gJ54EA2fH7C24ubchyXjDcSM2FxhcjZsn7k5nbrapLbSAFyf1h2Q3evHiiBAtIoAiLhN9tu8xNzeql5QLDp16RM2UI2P_xZN4rhc0YSXoVib1YIZi7FYHL-J9uURgb_X2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 164F 43 B
351 B 65ms
22ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE-ue25-XlCEW7EgacWtADg&google_cver=1&google_push=AavPq0PF3Md2jwbn3ryUQNCVICKRdVoyRZOcA4fWVXTBftolPY4ja89wltLqdKhniHFLDaZEdIo8o1zUaPwS8Zfq1sfQElaN5KlHi30vi4chktoiKWnSws7l75RCe9XcFxxH2FC_6KzwSqg
Requested by: Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9l6lhs53u93hn19ggi9q4o41g7e9q42k

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 164F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAbUix_4djoglOX2fm7bsoo&google_cver=1&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnw...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnwn...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTUwMDEwMjY2NjQ5NjA5Nzg4MDcx&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBt...

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTUwMDEwMjY2NjQ5NjA5Nzg4MDcx&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnwnXAHAF-0AhVsOvHca8XON-Vc9h1zQcWMwROcTcFT9WxhDg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTUwMDEwMjY2NjQ5NjA5Nzg4MDcx&google_push=AavPq0PCOgQfNGDZwJjwOy4YD31kA05PzIcmc1QP224cdxHipP5IgjDH01UudjBtZFsnON15PH1Wf0ArWnb-ORNbHL5JV7wKnwnXAHAF-0AhVsOvHca8XON-Vc9h1zQcWMwROcTcFT9WxhDg
date: Thu, 12 Jan 2023 17:26:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 164F 0
75 B 42ms
41ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPbAlvLHkf80tlcF-5zDesw&google_cver=1&google_push=AavPq0OzF3v_cBKMWLaJfvB3yi8CVaekCIu4p3HUaVNmcNYT5yxTAhKdAkl2fDxOgG2zvP5Y3PBNHJ1knwu6lOslikeeczb4uCBoilWmlmbzG3V76MTn-3HXLBBfdALf-zd7viFiEapP3kGp
Requested by: Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:23 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 164F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE5pq1NJH_QOKAJI_EPSwfM&google_cver=1&google_push=AavPq0Mlj9gKEac4a88APSPgkIuw3rGgVr83tQUHeoWgkohBUhPQixtOsdKF7Y2Jko-M3HCsDhz1lI2keqP...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mlj9gKEac4a88APSPgkIuw3rGgVr83tQUHeoWgkohBUhPQixtOsdKF7Y2Jko-M3HCsDhz1lI2keqP5dpqtH2iKXpwPim9ZRtBmfP1aXhFPlg7ihfre...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 164F 0
12 B 38ms
37ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHTSXpTykGNXkWBr15vc1pVmlgObh3-THtJxDeXGKl1X6bu9YmC6JEtWujF-qp-XvuPRo7hA

Requested by

Host: 7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
URL: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 167ms
130ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1673544383509_3117783977&tJ=&tU=0100007FBF42C0639F06118D02EEBA08&tX=b.52&tY=1&tZ=885332477
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:24 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame FDCC 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: www.flaresenha.com
URL: https://www.flaresenha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C9E1 79 KB
17 KB 599ms
391ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21622511100%2C22227164626%2Fflaresenha_multisize&description_url=https%3A%2F%2Fwww.flaresenha.com%2F&tfcd=0&npa=0&sz=480x360&cust_params=place%3Dslider-video&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=625461062090739&sdkv=h.3.551.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=947826355&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.551.0&sid=CD18F912-18FD-46F2-9B0E-A55396D00C96&nel=0&eid=44748969%2C44752657%2C44765701&url=https%3A%2F%2Fwww.flaresenha.com%2F&dt=1673544384095&cookie=ID%3D81117219a15a50d1-2291708f3ddb000d%3AT%3D1673544380%3AS%3DALNI_MaQdXAYM7tcny8_SsP4yCURGlMR3A&gpic=UID%3D00000bc020984882%3AT%3D1673544380%3ART%3D1673544380%3AS%3DALNI_MbhK2JOHbuc7kJV_J2lgS1OOTb5gA&scor=2390984070763154&ged=ve4_td4_er9086.802.9242.1102_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2accfb147652fceb30bef4dd7c9964969e07f7cc328ac24e70c6976c6bdeaddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17000
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
167 B 37ms
37ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=0&iid=1374018&e=error&o=%7B%22timeOffset%22%3A0%2C%22muidn%22%3A%22-%22%2C%22playerEngine%22%3A%22vpaid%22%2C%22adPlayer%22%3A0%2C%22uuid%22%3A%223c519bf5-929e-11ed-944d-e43d1a2a96ea%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=43098
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 17:26:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 788798d278a42c41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame C9E1 0
45 B 1008ms
364ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lctd474g&c=7643178354187&slotId=3821589177093.5&qqid=CLbertTGwvwCFeGW_QcdFqQHOQ&gqid=wELAY6q6E4Cy9u8PstOJkAg&fb=ima_html5-lima&sdkv=h.3.551.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44748969%2C44752657%2C44765701&met.4=ghmsh_s.lctd47o0~ghmsh_s.lctd47o0&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=H0RM-U62jxO807wJ
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C9E1 453 B
478 B 48ms
47ms Image
image/png 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-2845463438153782

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:53:25 GMT
x-content-type-options: nosniff
age: 1979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:43:25 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C9E1 42 B
64 B 85ms
84ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjRQ5wELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoEgAJP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul6EJIy7cs2ht55DINypwqNkNtddpnrGHk43raDg6MsqxprXw2yYqCPJG2Uh1VhvwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJ0qa14GvcGHqACgPICwHQCw7gCwG4DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=e2keba9Cp50&label=show_ad&sdkv=h.3.551.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiMQDyUAAMZCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame C9E1 0
0 74ms
73ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CHgg4wELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE_QFP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul7cJTa-fe8ukgyI-0X3LToY72F2SeSYPESppo74AwGE7XVDA0W0sOo3mjvOwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDvnC6oCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA0ODcxMzE5NzI1Mzg1MYAKA8gLAcITGgoSGJql6stIIgoIAxACGAEgAFABGJyv-6gC2BMN0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=BX42lBTEnGg&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9mbN8hXStppnf0yEsYdxvX4-kS5roIIU8LvvFnaa-Qt5kslx2jmhoyBtRzfZWk8QRsy7KfqH4LxgBIBM&vt=10&sdkv=h.3.551.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiMQDyUAAMZCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C9E1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 943ms
362ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lctd45hc&c=7643178354187&slotId=3821589177093.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9E1 0
20 B 137ms
137ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.551.0&e=44748969%2C44752657%2C44765701&id=ima_html5&c=95175761657929&domain=www.flaresenha.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-5hnekn7d.googlevideo.com/ 3 MB
0 121ms
19ms Media
video/mp4 2a00:1450:400e:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1673573184&ei=wELAY7j9JdOi7gPw5IKoBw&ip=2a03:1b20:6:f011::9e&id=1e79266198a3bba7&itag=22&source=youtube&requiressl=yes&mh=9c&mm=31&mn=sn-5hnekn7d&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=99.172&lmt=1667513595748502&mt=1673544072&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAP_N69UPmotMk6jf0wrO70MgyQhXBDoLGMwQiekjOKyQAiBYkBVxEHloIDLt_-ZYdrBKzPbpgRy8j_xU1aIzJfau0Q==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgQa9keqXRpmnjKgtb4_W6S-4ehcLXyPf2Wpa3GvvK0cgCICcu2KaoekTQySAP-g3WLqktWGcJ9s_x8VfU-QIQn8u7&cpn=H0RM-U62jxO807wJ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flaresenha.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 12 Jan 2023 17:26:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Nov 2022 22:13:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-6041693/6041694
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 6041694
Expires: Thu, 12 Jan 2023 17:26:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 144ms
143ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=1036440414456943&bg=!bG-lbyvNAAYDMoyoIzI7ACkAdvg8Ws6AMM6dVxu06G3l82SG8aUY9gYVziWN9TivennHaa3WyCGQqAIAAAFJUgAAAAJoAQeZApqfDofOX9khQTNlhJWK8maULb4QZPBebJgkZgu_lWZfCT1Ebbjavij4oP__s5aNeX_kzDutv85iIdm-7xR5zEj1MGdpPkdCeiTDV2WY2jW1HMEk0YlF5su_4Wvfj_ezRiW4u1Ch_La8CpS-gzHuzV9JHrynMviSD39oS31jXDbMEr0YPqgawF4QeXhKCQV2rGhzIuWExm_vcWorQIL6GJ2w3fdkQFkyQNuPFOn6DmakSP8n_-Srd1ELIguleKcP-I_DmxwHtdvduogC6ibbtxBylo7anz0iGkVBNkO68dhu8w3T6LhbfxBhyTVQEftZxLeRv5kpYbjFX0z9hM7_S9EsV_Ot-xaL7ZNjTR0HvqHjxXgATXVGwnfdQEoZSc5HlcfP1wk1zM17eZUIU5BeMcO-btmbuMrLB9PZF40T49MYWnGrQK6y6jyJCDNRSZwkclRnyyCpOxwTI2lQGmkZTJSMWcR7HvhLpgJ6JV-wmpFD1PQwlJCcuwh-Y_QwnK4Fq24Z2d6kSM4KMTOveFgZsHgJWsDcneAtJB-EPf9rXwROpIAboG_lYdFQmBli_u3YtrJbN2eGAOyL09dfFG4_7aoxNgRNGlDk4b3WKKcQNa0QIoL_4Yxl5r72BLAD_UBcHw2_OlyigEagWuCEcCE1Mh4zhl9DEKLoUngU70qskn_TlBMxal0dqsCYzGs4FFOvXu_Ny228WNBDlLv_iNFEd0Fk-bfe1uLrj2G8_OcYwD-aeNSpNrc_i3SzPLsoFMkSxoQB_FzwnWxwJRWl0cODYxPve5ZREBmGD7oLLAY6VAgHgoNRpFub-PYa8ohbbLFAHWdvn7wHznUWN33OniEDVjcR0QTecDA7XnIi3Nl6Sn_2uEGoOTaMMpj-oH8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flaresenha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C9E1 42 B
64 B 82ms
82ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjRQ5wELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoEgAJP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul6EJIy7cs2ht55DINypwqNkNtddpnrGHk43raDg6MsqxprXw2yYqCPJG2Uh1VhvwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJ0qa14GvcGHqACgPICwHQCw7gCwG4DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=e2keba9Cp50&label=video_ad_loaded&sdkv=h.3.551.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiMQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame C9E1 41 KB
15 KB 57ms
56ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 09:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 09:15:06 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame C9E1 0
0 77ms
76ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CHgg4wELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE_QFP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul7cJTa-fe8ukgyI-0X3LToY72F2SeSYPESppo74AwGE7XVDA0W0sOo3mjvOwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDvnC6oCAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA0ODcxMzE5NzI1Mzg1MYAKA8gLAcITGgoSGJql6stIIgoIAxACGAEgAFABGJyv-6gC2BMN0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=BX42lBTEnGg&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9mbN8hXStppnf0yEsYdxvX4-kS5roIIU8LvvFnaa-Qt5kslx2jmhoyBtRzfZWk8QRsy7KfqH4LxgBIBM&sdkv=h.3.551.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C9E1 42 B
64 B 84ms
82ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIajfwELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE_QFP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul7cJTa-fe8ukgyI-0X3LToY72F2SeSYPESppo74AwGE7XVDA0W0sOo3mjvOwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=oy1tom7RD0A&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D943%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D9086,802,9266,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D778%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D362918829%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1673544381889%26ptlt%3D1673544384975%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1673544384753&sdkv=h.3.551.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI3AFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C9E1 42 B
64 B 144ms
142ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRdArd0GXEJJnPSerRnEyAyURwifgaMc8iIuiOuaylzixfmApr547hplvPZKlOD5Dw2TyiG4yrM8Vlt4jy-Ajp_B6P6jFRYyp-WzelhjWAr392jPkGMoWCRMy4XixRJFU-bSAv3wj-JpkM9xeozynUpXSy6mF17K6e&sai=AMfl-YRH1oPTiu77lRjZildNbfCEkRra96D8ghhoLV67UwcLzNYSphe-PHvvFhGlJR5jop8fxGkM6RIcN63aGT7i0CrbrnYm375KOIW8NNaB1RhWXXBR9ROA-UD9jFyt5bY&sig=Cg0ArKJSzELrBa8aAGodEAE&cid=CAQSPADq26N9mbN8hXStppnf0yEsYdxvX4-kS5roIIU8LvvFnaa-Qt5kslx2jmhoyBtRzfZWk8QRsy7KfqH4LxgBIBM&id=lidarv&acvw=sv%3D943%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D9086,802,9266,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D778%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D362918829%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1673544381889%26ptlt%3D1673544384977%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673544384753&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C9E1 42 B
64 B 86ms
84ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIajfwELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE_QFP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul7cJTa-fe8ukgyI-0X3LToY72F2SeSYPESppo74AwGE7XVDA0W0sOo3mjvOwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=oy1tom7RD0A&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D943%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D9086,802,9266,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D778%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D362918829%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1673544381889%26ptlt%3D1673544384978%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673544384753&sdkv=h.3.551.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI3AFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9E1 0
20 B 138ms
136ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.551.0&e=44748969%2C44752657%2C44765701&id=ima_html5&c=95175761657929&domain=www.flaresenha.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C9E1 42 B
64 B 84ms
82ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIajfwELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE_QFP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul7cJTa-fe8ukgyI-0X3LToY72F2SeSYPESppo74AwGE7XVDA0W0sOo3mjvOwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=oy1tom7RD0A&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=admute&ad_mt=0&acvw=sv%3D943%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D9086,802,9266,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D9%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D778%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D362918829%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1673544381889%26ptlt%3D1673544384981%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673544384753&sdkv=h.3.551.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI3AFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 3BA2 23 KB
9 KB 48ms
48ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 307623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:59:22 GMT
expires: Tue, 09 Jan 2024 03:59:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FBA0 42 B
64 B 150ms
150ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz7apHA2CfPj9CgwTTRoqmO12AsaewwQTuTQ71R2MCutUBSPod-vycpF3Zz5G45r0l2L5tsr_rBPxCCkM5N8cCI9f8s6bPhWVuAUGRBpTcA1cxrJCJCpgl3plDGP4ZvuLnDgHwgHGeVn6y0sI-T_xCghdPFYhvkOny&sai=AMfl-YR6RqDPeXF15pVEo8rZo2I2mUKVdI1tncx65MuVZ81RMHK8jLRXZwObj8uSh5N3T9z4QttnkMdTga-Hpr0odiVphvFTMCuZ2NQfwYWEgo4by--OLml2gGijwHpUwQE&sig=Cg0ArKJSzLKYGZXO25W4EAE&cid=CAQSPADq26N9a5Y_dWEbpLQb90UKJxUKKBeAW_0lPVOR7Aqm5f3UjcRV01XZWcFlny_rjhjRzAhD23dLcAB3wxgBIBM&id=lidar2&mcvt=1000&p=70,615,160,1585&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=128102006&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673544383698&rpt=355&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BA2 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 06:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 06:29:55 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C9E1 0
327 B 609ms
358ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lctd47o8&c=7643178354187&slotId=3821589177093.5&qqid=CLbertTGwvwCFeGW_QcdFqQHOQ&gqid=wELAY6q6E4Cy9u8PstOJkAg&fb=ima_html5-lima&sdkv=h.3.551.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lctd47oa~vss_tr.pn~ff.lctd47v7
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame C9E1 0
0 132ms
47ms Image
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44752657%2C44765701&el=adunit&cpn=H0RM-U62jxO807wJ&docid=HnkmYZiju6c&visitordata=CgtzZDdtWHAzb1FKMA%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.229&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.flaresenha.com%2F&len=99.010&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=109.0.5414.74&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BA2 0
20 B 143ms
143ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.551.0&bgai=Bl0RIwELAY7b-FeGt9u8PlsieyAMAAAAAOAG6BRMIqpqs1MbC_AIVAJn9Bx2yaQKC&bg=!qaqlqu7NAAYDMoyoIzI7ACkAdvg8WjuMxDhsCPzHFQG_upNVeUImQ7PAzMzamY9tEOSrWe-hj5OLzQIAAABnUgAAAAFoAQcKANH3XzLJ1Wr9VufP5aqUitPxGS6OPEREhvPghl4ComKpSW1pVKM5xr5ekkeCgLe6XRGC_CmbsHxKUZZJh1QZHXOw0shnz2NercL7VWfvE3zYzzTe89ODgFeFZzE4iHSbfnk1rL0E4J9KPebHNAcGHK1pUN_yMy4qQ8SIK2Yu5iAFBXcOMP4M1Ug9Qjq5hVK9p85Gd1elHwv8wK_232pJdsDHPnrLqQZ6Fv3VLVQawwXuBq0A-7mV0vZpQ2SWZLg83h0hKaLjCwjNUDwQy4K605s7HpkCQaqOSaoEgua_S0JCGZlB3Xk2-BCEaulgrQNuheQmvofJo1vJ8qW7lif0KCoIhLP-pqkpXfhouGybnGXmHbctPa4x7nl3yinXFBEvMPfCAGk3wI4sD5V2l7DyuLyDXJ5erPtLjnD2i27R3IKSiH9hPk5NIshZlcJPgZxMtFVp2eIs_chgV7TpDtJIPVuwQZpopUvJgZbiFzbut_a2pqkVDzoMp00rnMnbmqSrXRSgPQWPoWCFCyycVBgs28fBZQZmJ2WlWHDvzWAKp38y91zRSiv01Ffl0S3AZWCdqHQoDhn_iFLhBiB27I3qdQjx9EHzVT_qNzwnfOVV_781h7wSm9xMfCIXrOdi6o92HVyETJJj6dCb-U1UXeBNqoYU4vPctsK5s-0W7ygVi7GfiTgnTDBt4Kxoc16gxDc6hjPul2L3HdXYFgRkgPi6uKE7Z0fY2cVEwkx37IBhux8rCACfbGbizSxsGumVLt-qCG55AarcqOIxmHnDIK5O320qNDEpe9gBXHTLzBufkj09Fq3OLp4UDh_6jJjALOeIp1LfrZtjEiFNUBXHBgVOcIhEsGFsMvPmSR5eHIFnHTxnmMFrkgQ2Qqkcl4GcpPqKn_xY6KAzNv0ZLMbTtQmg-McebKooB_lQSvz1UIBvqLrmcD_pCa9i_DUgK4JdPWDLLTKCCwqNQLJArZztvcL3SJ_1Jqp-7MpmE6pb8oyumHb4YXI5AGXBCnPV10mcRlS5Oj_kxU3W9ZdUhM3EungniExDreU08kE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C9E1 42 B
64 B 83ms
82ms Image
image/gif 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIajfwELAY7b-FeGt9u8PlsieyAO92aSHbsS76pDJELCQHxABIMGvsn9gleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE_QFP0EGjOsSTwo39n9A2lgfHCe8oOHLiQEW-uOC6JUmXGwhzpeoAgI6viunSl8yk7ng75TJtfiyuttqzUOmBtRfffoM5DyB79kkDu5f4lCYKjZuKDbMsVT8ZM4oIv9tN4x-ATnpSg_Ka6OS4q8yJ-9kM2bj8VJfXhupQsJGvcyMky88VEk7jNEVyYjzyw8-C9NjZAIYstl4Sf9MfXCKrT6sM2b7X8ND6QySYek-imM4S4na6yBgNSZjaPfynlPz2yO8pxiAOtRXa3AfLKPp8Ed3Mul7cJTa-fe8ukgyI-0X3LToY72F2SeSYPESppo74AwGE7XVDA0W0sOo3mjvOwASz3O_HrgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=oy1tom7RD0A&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=video_skip_shown&ad_mt=5263&acvw=sv%3D943%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D9086,802,9266,1122%26p0%3D9086,802,9266,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5313%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1416%26pst%3D417%26dur%3D99009%26vmtime%3D5262%26is%3D33554450%26i0%3D33554450%26cs%3D33558546%26c%3D0%26c0%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D778%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D362918829%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1673544381889%26ptlt%3D1673544390285%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1673544384753&sdkv=h.3.551.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2OTM4NjkwMDkzMjIMNjM5OTcyODA5NzExQOUEUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI3AFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 17:26:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbXzzXuzxklF4Y0woEQKgm8HplR8uDm6KuMiSYYGC3JzkH-uSUmw_zasudGN1hWRrXbFrgQNISWBuj7bR7R67Bt6taHO3RSwxjUJ_6DippzRkIgE2L&sig=Cg0ArKJSzG6o6uIRQjesEAE&id=lidartos&mcvt=242&p=458,19,708,319&mtos=242,242,242,242,242&tos=242,0,0,0,0&v=20230111&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=642320469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1673544381178&rpt=329&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&spb=0

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 08:52:26	Name: __cf_bm Value: z1DuMYx5rWioHE605lL.LIwZTxPs8RWTChW8tYgcsuM-1673544380-0-AfZdZtD5joOSC3qXdDdM7I4HDOcPF0DvJyc96k8hGvmlHWcSgFwdhZp4slnKfW7uBinvuwDTOqDBV05FKzd8QN8=
z.cdn.fsmads.biz/	1970-01-20 18:28:24	Name: AU Value: 810f5b49690950b2
.flaresenha.com/	1970-01-20 18:28:24	Name: _ga Value: GA1.2.741293778.1673544381
.flaresenha.com/	1970-01-20 08:53:50	Name: _gid Value: GA1.2.1368878883.1673544381
.flaresenha.com/	1970-01-20 08:52:24	Name: _gat Value: 1
www.flaresenha.com/	1969-12-31 23:59:59	Name: _ia_loc_c Value: DE
www.flaresenha.com/	1969-12-31 23:59:59	Name: _ia_loc_r Value: HE
www.flaresenha.com/	1970-01-20 08:53:07	Name: bc_int_ads Value: %7B%22v%22%3A1%2C%22r%22%3A%22DE%22%2C%22sportsbook%22%3A%5B%5D%7D
.yahoo.com/	1970-01-20 17:38:21	Name: A3 Value: d=AQABBL5CwGMCEB9VwvhEM7TWoQm8jDayTtsFEgEBAQGUwWPKYwAAAAAA_eMAAA&S=AQAAApRSQ0PCsj05AWRfTe3jw6s
.doubleclick.net/	1970-01-20 08:52:27	Name: DSID Value: NO_DATA
.tribalfusion.com/	1970-01-20 11:02:00	Name: ANON_ID Value: aInseFqkaHbBykt9ZbxaQQZa5ZbrNZdjxFO8rIOqaRyHW05h7u5cfBADs3uhveVjtZaZdOdtEZajsV1u82xYsiVOclT
.flaresenha.com/	1970-01-20 18:14:00	Name: __gpi Value: UID=00000bc020984882:T=1673544380:RT=1673544380:S=ALNI_MbhK2JOHbuc7kJV_J2lgS1OOTb5gA
www.flaresenha.com/	1970-01-20 08:52:26	Name: tt_c_vmt Value: 1673544383
www.flaresenha.com/	1970-01-20 08:52:26	Name: tt_c_c Value: direct
www.flaresenha.com/	1970-01-20 08:52:26	Name: tt_c_s Value: direct
www.flaresenha.com/	1970-01-20 08:52:26	Name: tt_c_m Value: direct
.mathtag.com/	1970-01-20 18:18:19	Name: uuid Value: b0ba63c0-42bf-4900-8892-5a19a91b3829
.mathtag.com/	1970-01-20 09:35:36	Name: mt_mop Value: 4:1673544383
www.flaresenha.com/	1970-01-20 18:28:24	Name: _ttuu.s Value: 1673544383209
.doubleclick.net/	1970-01-20 18:14:00	Name: IDE Value: AHWqTUne2FAgHvyDMdZcrErQEH4z-OQDkQOh6-MDo3futekrA0XJmxcM5OiZ1o2ivIY
.flaresenha.com/	1970-01-20 18:14:00	Name: __gads Value: ID=81117219a15a50d1-2291708f3ddb000d:T=1673544380:S=ALNI_MaQdXAYM7tcny8_SsP4yCURGlMR3A
www.flaresenha.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1374018%22%3A%7B%22page%22%3A1%2C%22time%22%3A1673544383331%7D%7D
.t.tailtarget.com/	1970-01-20 17:38:00	Name: u Value: fwAAAWPAQr+NEQafCLruAgB=
.t.tailtarget.com/	1970-01-20 08:55:17	Name: _ssc Value: y
www.flaresenha.com/	1970-01-20 17:38:00	Name: tt.u Value: 0100007FBF42C0639F06118D02EEBA08
www.flaresenha.com/	1970-01-20 09:35:36	Name: _pbjs_userid_consent_data Value: 3524755945110770
.t.tailtarget.com/	1970-01-20 09:35:36	Name: ttbprf Value: _frankfurt am main_hesse_de_1673544383509_3117783977
.t.tailtarget.com/	1970-01-20 08:52:26	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 09:35:36	Name: ttnprf Value:
www.flaresenha.com/	1970-01-20 08:53:50	Name: tt.nprf Value:
.tt-11382-4.seg.t.tailtarget.com/	1970-01-20 08:52:27	Name: ttca Value: _1673544383
.www.flaresenha.com/	1970-01-20 08:52:27	Name: _ttdmp Value: \|LS:
.3lift.com/	1970-01-20 11:02:00	Name: tluid Value: 950010266649609788071
.adfarm1.adition.com/	1970-01-20 11:02:00	Name: UserID1 Value: 7187818397686823064
.adform.net/	1970-01-20 09:37:02	Name: C Value: 1
.adform.net/	1970-01-20 10:18:48	Name: uid Value: 8495747858404156409
.bidswitch.net/	1970-01-20 17:38:00	Name: tuuid Value: 1add9d21-1d36-4c5a-9864-15d7546bf799
.bidswitch.net/	1970-01-20 17:38:00	Name: c Value: 1673544384
.bidswitch.net/	1970-01-20 17:38:00	Name: tuuid_lu Value: 1673544384
.t.tailtarget.com/	1970-01-20 09:35:36	Name: n Value: 1673544384
.bidswitch.net/	1970-01-20 08:52:24	Name: google_push Value: AavPq0PMr-f73m_5Tnll3C66vKv7XB6UM929ylmQeY8SDx_oPqNq_kv-9nMAW1tgKGxt03eHSxUaQ_dLEUGP0daee_-oiEIl2c4qsx31dRbDlPXXOvl9qqzi8fyqy-DnSxlONBWru0FqdiY

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://z.cdn.trafficdok.com/load?z=1618681264&div=zone_1618681264&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1934&pl=3&mi=4&me=8&hc=4&n=1673544380986&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=2325446405 Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071573(Line 9) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other	warning	URL: https://cdn.ampproject.org/rtv/012211111611000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7698fa07da90fa8394404a9bc7c04156.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
b.t.tailtarget.com
c.mgid.com
c1.adform.net
call.cleverwebserver.com
cdn.ampproject.org
cdn.fsmads.biz
cdn.id5-sync.com
cdn.mgid.com
cl.imghosts.com
cm.g.doubleclick.net
cm.mgid.com
controle.flaresenha.com
csi.gstatic.com
d.tailtarget.com
dsp.adfarm1.adition.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
id5-sync.com
imasdk.googleapis.com
intersc.igaming-service.io
ip-api.igaming-service.io
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lpgs.chatbro.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rr3---sn-5hnekn7d.googlevideo.com
rtb.openx.net
s-img.mgid.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
t.tailtarget.com
t.teads.tv
tags.juicebarads.com
tags.t.tailtarget.com
tpc.googlesyndication.com
tt-11382-4.seg.t.tailtarget.com
ui.cleverwebserver.com
vast.aniview.com
video-native.mgid.com
www.chatbro.com
www.flaresenha.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
z.cdn.fsmads.biz
z.cdn.trafficdok.com
pagead2.googlesyndication.com
104.111.217.42
13.248.245.213
141.95.98.64
142.250.186.66
162.19.138.82
162.19.138.83
18.159.161.163
185.29.132.241
185.86.137.108
190.89.238.70
190.89.239.12
190.89.239.168
2.18.36.193
213.227.149.183
23.218.209.56
2404:6800:4001:803::2003
2600:9000:214f:200:1b:5138:8a40:93a1
2600:9000:223d:e400:17:1c9a:3a40:93a1
2606:4700:10::6816:3456
2606:4700:1::6813:864e
2606:4700:1::6813:884e
2606:4700:4400::ac40:9040
2606:4700::6812:18f6
2606:4700::6812:19ad
2606:4700:e6::ac40:c109
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400d:803::2002
2a00:1450:400d:804::2002
2a00:1450:400d:805::2001
2a00:1450:400d:806::2004
2a00:1450:400d:80a::2006
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2003
2a00:1450:400d:80e::200a
2a00:1450:400e:1::8
2a00:1450:4025:401::9d
2a02:26f0:3500:58c::2c79
2a03:90c0:41:2801::62
2a05:d018:d29:3605:9223:c75b:4ef4:75e
3.10.72.72
34.102.185.99
34.98.67.61
35.186.253.211
35.201.123.184
37.157.5.141
51.75.86.98
69.173.144.139
85.114.159.118
85.17.31.162
92.123.36.4
01071bb08b79154be460ff8abdc0940ec4b7b7868c758fa223cbc73a9809812f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05fd2d072d360f865ff63c7413d9a59757dceaaa38294c939c848da2f5551b12
08cb37d18c2c7fc6d4202a2b5e14c95b8c6891bd2283b4a6b0486c6bb8672288
09794305a8cc55bab91a87eb5ae2d7fae770766078f3667f4a85e6d2a7ca4aab
0aefb1d90d1391ee5de46fb5c0f3f435ea4920ce1d44758cd26902a3299e249f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0eed67e1809332399c288129807e5080f4c98e0beef9c39b50453861341467
10225331bc5d5da45e4af7d2f8e3536aedd8b7e1fee6e85bf3aecc21236e1ff4
11a5ac551b782447974b6ad7b81b9a92fa277129d0515cdd19e2570b917921db
129bcfd8be88b701454cf738518e0ef404528e6e422da8fbad451af00ca8b6ba
14156e33fd0fdea126751e307aefbe233770a38b834dd08f5a304db2acd7b080
142c617a22d3913ed0981d9fbedd455362e2642722f32cff4128d1e720572c35
15ae58361663c22fb01bc0a5def542d14b770493b2ecdca62d4dc3bd20d6e031
15c77aa9e0958720a201b24e63c2218fd19d7e90acbbc3eca242deae5d2cedfd
163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404
170eadb12b21630729c2c3500c07507dc07733472d89b5ad25921d3db71eced0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e63d835b7fba014329c47ad4c5f5beb5ed509c304480fee4a8ea8eff21fa46
1908a019854f63f45a100260c53827477d6bc912c05e5b6aea068331f8e2eb90
1a3ae8e02f48b4c2384be545382225ae5e1baeb0b502595c0c424d94153266f6
1b13d8eadc295ad9bd39225d830df9d9acfc790c4c79392b0ec6e819ea0ab2b4
1b327f6c52345ab2f25d6ae3327917437183dd620456012c37b6b4d6e651d6bf
2231386c6844c21e35c2fc7364412685715d3bf71a0773f92df52f36a65a2341
22ab2b834ea709e6b28e4a8bbfa2b20093447707590a04821bf1ab146c6834ca
25d11f097277d688b17fb4e7f344364df5d3df3565a591207a0e219db23e8d10
263c4fc9e5cd140d6a05b6a69429e70bf47b494701d07d4814294f88d3742596
264834371dc0ca19ab3356277f3d75ffb062d6162a6e257a83ece3d07fe3014a
282df3d7845ef5cc7a6fad733f6d2b2e25668bc901c319e1e6788e0337b5f105
28d2e71e3039ea6d2ef49abeffd5ef8fa96f1af942a9cd8e22d43ab8a47fd6b6
29db74a209ff5cead579cf4b7afc2350aa8a9c9bea7220420e5dcf3b9fef612f
2a5bc79e9a56b99b71a8032e867bf0bf4e16abfe4789c0325ab735d715c45ab2
2accfb147652fceb30bef4dd7c9964969e07f7cc328ac24e70c6976c6bdeaddc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2da7bded5d97dc6447e78d535549ccc2fefe894bf5b88bd267a862903b715820
2f659d1127e229da4e21081430f10f98cbf39dd97c1af26ca8fc35bd98a0f2e6
2f861450362ca75abe1a24e3c62f8dc33b8c36446535a5536170ce59845f6163
2fc2598df8445b62dbf58421709be4be24ff3bd951488ceba8d286f252fdf149
3051fe73da8c981309664033cbbf58a5992b45c6422e8aaa51f58bdb066c6617
30aa0946c6a6925e490b1fdaa4c7e935e9033386f2fc5c1084a7af60793781e1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322a0f9dfb640f9c96e8e4433109dcd148574a569038dbef68ad9f6942dc1d20
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34531494c6df170fc75807c6ca3231b31bcdbe80fe16244074710009f254f22c
34cfa6074587c0991d92aab6e0b06ebdadae9eac46c28ff636154e3342559d40
37d56c3df75ebee23cca9b8070e9432451fd370aa1e409247f88c47b8a4cda09
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3cf32675d31b1a1c0fc0c12965be148f0a193a3089fcbf31d86b4321e1d32908
3d55433632440b48982c5a208a7d7604319129f1e0a84d666cea2102ac2295ef
3f602d089f0225f9657d05d5263e6ff4aeb4bc3246c2bbb29f526d594e30f54b
40a17e959f3a5c459c62e05a0a7f1e0b238033be63f7ded467b6cc45e4b79fa6
4522ca6cd5ed4798ee9ae984b786cce6a5a9b01c67bab71208c22913bb238439
4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4c42bcd5f87a7bb474c1e38471ce2ae52169181ea9ede12f2e538d1992de56e8
4cffd5772edf09814cf0b9ed763f1597246e2eb339183c48c2780d736144afac
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef07d248a6c912acb38ef583f27f161483a4b11e89f9b5987a27b14792b6c23
5026abb5780b1a184cd85e18e7221ddbde1753b597897c691aec5625aba7ef4a
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
510b4fd644de37e9d42f9319b9e4e2d574925cd9521a20c28068f8db755bc2bd
521be7662ab9b44984e6673980040011718543c2d17681e9a146263677ee8bc8
521bebd3fb5ab20844f2585f55a12596f88a3748fb88e3a8aab413697fd664e7
539b231699a58945e61a83a506da82839e067a5646af908df328e03b3e8b8960
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53db0d9868aa78298674013a390b4496755b0ae386bcfc529cfcd620d0656970
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
56260306e367a146c7c12e63b9cd2cac5995ad892285247bc03e42d9c98d27ba
5771b4df524111f293f3066d22bdbdb466ef8c66dcfcffa4eb39260e2ae78653
595c8179e94fddabd1598615229afa5ef273638874474dace749f2a9971074b3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
619ae81b00bc325e12926c7636579808760d1446ecb533288c04517e7efe25eb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
695dc4ea641ed0d50d72d3d364055f6a01b6f15881251a0f3b9acec5d2807b98
6b7424970f4e1af0965d045736de4d7703182694a8911bf2a1101a12e8146a7d
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
6fde990dbe2cf4a94263dd032ed28b21ec8da702f2c1514e529fa351e26f4812
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
729a7b16cb901a8ec09432e92a332633a045124ad52cd8b012219c10fbc0b817
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76500fd6c6f9f00c027f2eed09ec3ffc748b6b6ab777225bc6347af08b0c6740
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79dcec181adb8982eefb177ee35882829a7467698a3c9c296eac29fba4318d0f
7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7
7d4b2a804afc4857040e7a4df492ca818a3440c8b539d648a7efcc57f505b35e
7db57ca35da97c7c6f273ee5e6ce175fccae7207cb7c41b878a79138207694d5
7e0142829ff8505f5cfdad5610074303114e7f08ac016cec6ba144afc929d1df
7e37a75db68216769512d2de82d708ce40ae84ddaa1af1d9b2524de169153146
80c2ac986201217f1574d4f955599ce363f44e6fcb3eef4184fb6a21539441af
8113780bd512b317faf7c7f707e4da322adcd057bd6c71a523e4cc9faa4b5819
83fcdb72fe3be2adc50b25a9bb1733698cb9778d9be9efa7858a8b4ec9c52f95
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86ae6b3d48e75221572311cda6572db61edb611b4be37181450962aa0db4b938
86fd090422d6b1a47241fa6fdc745d3663e8a40cb2789bc6f3ce6256ef60397f
87a54aafe7240910365219da5a0bc911c4fca8ba6e350ea4480cf8639770e59d
87a9a3288101824a61d7605def89bafe8c4a2527e6530aa76e0a493ef1f0ed6f
88800c7a31782acf39762b0f9f2e4038c2cd26748a7ab43f1d98d7bab34ac9f4
8c5e21fa33ea60ffb62947bf062ca4fd3143e0d7f69add58a0555e346b858b75
8c8fed2eb252b615b978715da6f9d319828a6f6f1cdf293483e38663ea4e6cfe
8fa27b9279ad366f04dbd20e554944252e67d941883166b9a79a30ca42a44dd5
90838cf1ec34a515f0004c0fceb953eb68e59883007bbfe6eef3a8aee717f396
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
91cd24f1d5727cad10c927818b02e5f421f125dca1f51588b5db2efffb38b725
9288d000e200d45cf91be9e7a531441323c9b9693afd2be426ea84d86df4abc7
951ff612e3b5ad562e0a3b1498ab7bc0c7319b9430cf6edc715af3b9fdf101eb
96cc37a1a24ac12d7af865422f9c32fb084fb4e856b150ab14ae68cfda27a58e
97de646e7610229dec212db13096c78b6e14ee4d192537d37cb03230c1a87b99
99b7627b56cf4759aa0f42d34fdd32bac55837df34efcb037743b6ca91de2dd3
99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f
9a4ce6bcfef7614312afd1f8f23633a60050137708210c8f5367479aa79cea79
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e81b172bb49c05096feddfa9d5aeb37cc26fdbe3e23370a4069d8c983dae0f4
9f99806a512e7174cf753498837723e5142cd25e4a7ea57d665dde0e5447ed91
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18c926589bc4b1ed6572b544e29a1cd59f72f41e37804fe0559613202bda961
a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1
a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a672e1fb6e4c3120a1f255a765721c64148eb33eacd746323fd9760d378a28a4
a74325135c617201d35fc332689dfa3c976d6e20ecf067a291d1fcab189f79a0
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e92d3af711dd6f3cb9191d282bd36baad3ea60fc15628a1e22ea350aace9f
aad6dddb6c1a00218a5ba24dc48fd1adc25f0e5ff9035952d45a455e2e18163e
aafe75def3c8e3d10dba0687cfd0784526a153e1b85451b51558376ada8d3b4d
ab0fa449b6ae3feda1b5ed46ff7812af0aecaf70d4291c4a61f828771fce8b29
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
acc9d8f6c90cb3b427c8ffcef057b3dec0bae7d242fc79e9d99cec25a40b6160
ad916ebbc202aede5e7c033be6514835d6b0e5e2e2cd71840abacc15cd4190a2
aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0d0b58bae13b33cb602a85dc907aa3eda5a4784272e863b44f264ff2918f281
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b587f9fccdcf122342227870c7576d25874b01a22c31a057ca6d0536010d9ac6
b5bd51fd4ca406964576a31b8697bce42a2583987571b092b8379eff49f74acd
b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f
b81f931e2816d1dc48fb29d19e06eae65262864a37069d04ab43caf106d3effb
b92d5a085caf121d414b29fdf089d31f62f0f56d2a4a4cee7bc1911e1a069c77
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdad96e10a2dbfdd927063366fd8cbea4783970e3b0bcc65e894f7e016b19a4e
c13d1d53e86db2be2a25e07b73c9e9a1bce08610158a53723536b3a2df62e6d3
c184938868342f29fb32d3fe9be380ed171a0dc25fac11fe3c3e358968098f7a
c1b1105cca486db3d42f02277fa8f23b7972424e86ba487eb513fcef33f63655
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
cd4fa02f4aeaa0ac114f769706f9f0d7bf22e9cb0e35a363d4268a22888513d8
cdf10f2d2c2627b33f59c5110c744cc586c01cc00616a689c81b818255de09b5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9f75b6ec7ff8a6d1e6a8d9ff50a4dcca7216ea916d53de5e464316a50a0a82
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
d153eb341a73efd359b7a121e33f79ebf0a4af99caa5f7d86e738bb32236837a
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d798d98c12402372ca3f112eaa38de1100dcec9962067f2a4bdebb80fc71bb59
d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d8701138e15ab5c3379f8327d91cd2ed9524c961ca7f0bd3b91677e7f894c29e
d9b4ed6bb59d1c0c75a130ca947ef90a06e253c7e8b841810b68c24d24fe6b3f
da02429bffc3f835cd905bdbeb9cda5d930c2dd173a2cc1b44363da4cd81ccde
defdeece1e2302f3405b271ea544378c0708e085b4d6499f496f52d147259949
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e622d5ecb1ea67297f32c4804b8170d273e742f7970dcadc4ebbaa8ed875bce2
ea8c98cfa6ec8606c05a0c25d5999c1ee5f425b2725355bbe43e12a9a7476d74
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee09844d8469e4284afba7b5bdbafe0963e4254871fa7b80512becd94a0c9ba1
ee161e75bab5b4f62dd74e13636d7d3357b2623aa371bcaeea664142fea1f631
ee4989239a19775bb384c3b4e556b58cdfd3198cd49602c195f90790b48d9cad
eed1f08febd4d5cb89e121dcad39fcb6adc1ba86ffed538d2c3256429c32bddc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51e1388aceb53ada250a106f306e0017dda3caf43e6d6cbf22f510fed41168f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b1f81f8648d2f88d8f4cb6a67f3720a2f945b48f5c18a67c7e950d8a6fc3c1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907
f75e0333fb9d170052bdbcd219be104a1bd0e9079d0b142141c2ba13eafac957
f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c
fbe3cc3471949cce3b67e7d1403f1ce8a945b149f085c2474b898fe6fa7f8ad5
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
ff39d152a05c1657f5a722c7c7a1b991b5f39c6c59bb8aa4541273b7139dd1d2
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.flaresenha.com Open in urlscan Pro 190.89.239.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

304 Requests

94 %HTTPS

61 %IPv6

42 Domains

79 Subdomains

60 IPs

10 Countries

5271 kBTransfer

16164 kBSize

41 Cookies

10 Outgoing links

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.flaresenha.com Open in urlscan Pro
190.89.239.168 Public Scan

Screenshot
Live screenshot

Full Image

304
Requests

94 %
HTTPS

61 %
IPv6

42
Domains

79
Subdomains

60
IPs

10
Countries

5271 kB
Transfer

16164 kB
Size

41
Cookies

304 HTTP transactions
7 data transactions