www.kibrispdr.org Open in urlscan Pro
2606:4700:3033::6815:2108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Submission: On October 08 via manual (October 8th 2023, 9:21:23 am UTC) from TH — Scanned from DE

Summary HTTP 204 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 40 IPs in 9 countries across 31 domains to perform 204 HTTP transactions. The main IP is 2606:4700:3033::6815:2108, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kibrispdr.org. The Cisco Umbrella rank of the primary domain is 392695.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 9th 2023. Valid for: a year.

This is the only time www.kibrispdr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17 23	2606:4700:303... 2606:4700:3033::6815:2108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2600:9000:249... 2600:9000:2490:8800:d:7521:8a00:93a1	16509 (AMAZON-02) (AMAZON-02)
39	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
8	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	35.169.13.38 35.169.13.38	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:595::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:801::201b	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
9 17	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4 10	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 8	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	13.43.154.56 13.43.154.56	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	18.194.90.104 18.194.90.104	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:baeb:931e:26a0:842	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	52.56.171.192 52.56.171.192	16509 (AMAZON-02) (AMAZON-02)
204	40

23 2606:4700:3033::6815:2108 (United States) 17 redirects

ASN13335 (CLOUDFLARENET, US)

www.kibrispdr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.kibrispdr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:2490:8800:d:7521:8a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pnghd.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

strodong.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.13.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-13-38.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

sluicebigheartedpeevish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.27.193 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.52 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.43.154.56 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-154-56.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.90.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-90-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:baeb:931e:26a0:842 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.171.192 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	523 KB
40	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	294 KB
29	pnghd.pics cdn.pnghd.pics — Cisco Umbrella Rank: 348721	2 MB
23	kibrispdr.org 17 redirects www.kibrispdr.org — Cisco Umbrella Rank: 392695 cdn.kibrispdr.org — Cisco Umbrella Rank: 704023	217 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	241 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	7 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal90007.redintelligence.net — Cisco Umbrella Rank: 264997	55 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 secure.adnxs.com — Cisco Umbrella Rank: 542	6 KB
7	aniview.com tg1.aniview.com — Cisco Umbrella Rank: 13456 track1.aniview.com — Cisco Umbrella Rank: 2622 player.aniview.com — Cisco Umbrella Rank: 2378 play.aniview.com — Cisco Umbrella Rank: 19233	219 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 adservice.google.com — Cisco Umbrella Rank: 118 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	289 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	18 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 51750 medialead.de — Cisco Umbrella Rank: 51384	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
3	gstatic.com fonts.gstatic.com	66 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 storage.googleapis.com — Cisco Umbrella Rank: 439	6 KB
3	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 16420	220 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	291 B
2	google.de www.google.de — Cisco Umbrella Rank: 6147	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 912	245 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	712 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8325	551 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18074	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	421 B
1	sluicebigheartedpeevish.com sluicebigheartedpeevish.com — Cisco Umbrella Rank: 930504
1	github.io strodong.github.io — Cisco Umbrella Rank: 971392	680 B
204	31

	Domain	Requested by
39	pagead2.googlesyndication.com	www.kibrispdr.org pagead2.googlesyndication.com 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
29	cdn.pnghd.pics	www.kibrispdr.org cdn.pnghd.pics
22	www.kibrispdr.org	17 redirects www.kibrispdr.org
17	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
16	tpc.googlesyndication.com	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.kibrispdr.org securepubads.g.doubleclick.net s0.2mdn.net
15	s0.2mdn.net	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com www.kibrispdr.org s0.2mdn.net
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	www.kibrispdr.org securepubads.g.doubleclick.net
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.kibrispdr.org
4	hal90007.redintelligence.net	1 redirects 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com hal90007.redintelligence.net
4	hal9000.redintelligence.net	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com hal90007.redintelligence.net
4	play.aniview.com	www.kibrispdr.org
4	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagmanager.com	www.kibrispdr.org www.googletagmanager.com adv.office-partner.de
3	www.google.com	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com www.kibrispdr.org tpc.googlesyndication.com
3	www.googletagservices.com	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	player.avplayer.com	tg1.aniview.com player.avplayer.com
2	api.webgains.io	analytics.webgains.io
2	c1.adform.net	2 redirects
2	x.bidswitch.net	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
2	www.google.de	www.kibrispdr.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	5994599.fls.doubleclick.net	1 redirects www.kibrispdr.org
2	pv.medialead.de	hal90007.redintelligence.net 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
2	fonts.googleapis.com	cdn.pnghd.pics hal90007.redintelligence.net
1	secure.adnxs.com	1 redirects
1	rtb.openx.net	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	www.kibrispdr.org
1	adv.office-partner.de	hal90007.redintelligence.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	storage.googleapis.com	www.kibrispdr.org
1	player.aniview.com	player.avplayer.com
1	sluicebigheartedpeevish.com	strodong.github.io
1	track1.aniview.com	www.kibrispdr.org
1	strodong.github.io	www.kibrispdr.org
1	cdn.kibrispdr.org	www.kibrispdr.org
1	tg1.aniview.com	www.kibrispdr.org
204	49

This site contains links to these domains. Also see Links.

Domain
cdn.pnghd.pics
www.facebook.com
twitter.com
greedygame.com
blog.kibrispdr.org
www.pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-09` - `2024-02-09`	a year	crt.sh
pnghd.pics Amazon RSA 2048 M02	`2023-07-30` - `2024-08-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.aniview.com GeoTrust TLS RSA CA G1	`2023-07-15` - `2024-08-14`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.avplayer.com GeoTrust TLS RSA CA G1	`2023-08-14` - `2024-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sluicebigheartedpeevish.com R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Frame ID: DE43FC87459F4029B06EA8DE3871A913
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 3D547F137DF21701B3FD325797100730
Requests: 1 HTTP requests in this frame

Frame: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 836642F03DD729069E574F067CBC5AD1
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64c3c1fa6897a9c72f00ccc7
Frame ID: 6E98BAD9F92A60A6267CCE0FEB03259A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1239133184530841&output=html&adk=1812271804&adf=3025194257&lmt=1696749676&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696756875865&bpp=9&bdt=301&idt=620&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5264257890677&frm=20&pv=2&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078363%2C44795554%2C44804783&oid=2&pvsid=4418733989599691&tmod=2127866241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=650
Frame ID: 1C7DDAF8F5B16D1118C1DA458EC8A5FC
Requests: 1 HTTP requests in this frame

Frame: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D84ECD4394CF2BED4120B529B359B8F7
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1239133184530841&output=html&h=280&slotname=9433365836&adk=3563561369&adf=666181767&pi=t.ma~as.9433365836&w=1200&fwrn=4&fwrnh=100&lmt=1696749676&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696756875932&bpp=12&bdt=368&idt=605&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98424db7b2fe99ed%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MbeZT2R8lqhxwzq7hz6Ao6CQrghKw&gpic=UID%3D00000c91ad3bbf04%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MY83NNw4oN_QTpf2GXCxx-dH0d-FA&prev_fmts=0x0&nras=1&correlator=5264257890677&frm=20&pv=1&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078363%2C44795554%2C44804783&oid=2&pvsid=4418733989599691&tmod=2127866241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zk9dtiQkrH&p=https%3A//www.kibrispdr.org&dtd=613
Frame ID: E04160C754BC196877C59C990F0C0C15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWVvui6R4-hLjLy9bNkWgKFa-oixOs0ct1lndwj0rvbGDxUcTud_TcM7Q5BOxv0XwcB4bB7WGwbk430CDq9SSMx4CFCJuBJ4qeLRtFsqNbs09p7VbeRwPz9Am56tD5UenTaXjiLYeMHHEKaDqq3zhg53QgGalf6kgDky2lgXgHMkcwnFsw
Frame ID: B107CC054F417C68DAC55486EA3A15F8
Requests: 5 HTTP requests in this frame

Frame: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11EEDFF15043E5ABB171610147BF72E7
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYzPGb-AEwAQ&v=APEucNVwYs7ha0jmscxfk3eEeFC2k49oS7SNJgjWOYF9-NcGKVAq4rskcIGUOnl9XunQCDxr6q7U-Pr_-BtNqmYxkiWh921cR9DDo_bV9h6UPnhvF_vokJ023qbfI91WiE4iV5hGYeeqWCjivgmdADboPVheg9Fcp_oGf6CTJGSdwiWeUtd-VwQ
Frame ID: 3BE16B24213321DD37ACC1D255EC4FD9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 95FA7AAB0FA7E3A4784303AE9FF0A39C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E68DB4DB723ACEB16F507F77AF8B8667
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 75D79ABA3B7E9743DADC4FFEACE02C0C
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 0E3DEF9DDD26C0E58848A5E3E323B1BF
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259
Frame ID: C3B1CAB1F14DAA8AC94C8285BB29F324
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
Frame ID: B23B4D94BC0259464D68F43468ED6ACA
Requests: 8 HTTP requests in this frame

Frame: https://www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 2AB5C99A332C0C02566952C51324636C
Requests: 2 HTTP requests in this frame

Frame: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1C8A7D97363DA738162B0C23DDEB05E8
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjCvJ_sATAB&v=APEucNVmCFo-r2dkEj_ABmgEkmUu5OCCZIBGL8avU2M46QP4hb6kpfwmJabxLrwj_Ju-aLabOR7poNlMlQgCkRkx65PHXvakEDxvsXTUmU3GpK66Ply_Wtj50NhWqjx0BFJMQP8BYqotuF1QHwu7umIpJo6vAyUs9TDiXEseX0DPFaLZtLqTWCg
Frame ID: 1191DF519ED450807C03332780973F9A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9A5CFE7E7BCEDF310D028AF768827B4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB1454AE4F78C157E4FE4827FEA6CB43
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
Frame ID: 8D1236D00FA9ADBECAE3DA1D3A836881
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F90605DB4E1F9C1D2DDCC13DA3876DC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBCBD68CFC3CD3621EBED833BE230F22
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 3A9599158706BBB7018B62881D46DB80
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detail Linux Ubuntu Wallpaper Koleksi Nomer 11

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

204
Requests

82 %
HTTPS

51 %
IPv6

31
Domains

49
Subdomains

40
IPs

9
Countries

4573 kB
Transfer

10025 kB
Size

22
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.pnghd.pics/data/739/linux-ubuntu-wallpaper-11.jpg
Title: Zoom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/graffiti-marker.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/graffiti-marker.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/gambar-anime-plastic-memories.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/gambar-anime-plastic-memories.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/gambar-umar-bin-khattab.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/gambar-umar-bin-khattab.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/gambar-dadu-koprok-hewan.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/gambar-dadu-koprok-hewan.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/background-studio-wisuda.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/background-studio-wisuda.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/gambar-kanopi-teras-rumah.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/gambar-kanopi-teras-rumah.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/foto-depan-rumah.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/foto-depan-rumah.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/boneka-yg-menyeramkan.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/boneka-yg-menyeramkan.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/black-power-logo.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/black-power-logo.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/rumah-lego-depok.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/rumah-lego-depok.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/strawberry-jam-converse.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/strawberry-jam-converse.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/scp-990.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/scp-990.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/coole-rote-bilder.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/coole-rote-bilder.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kibrispdr.org/aldi-allium.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.kibrispdr.org/aldi-allium.html

Search URL Search Domain Scan URL

URL: https://greedygame.com/

Search URL Search Domain Scan URL

URL: https://blog.kibrispdr.org/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kibrispdrorg

Search URL Search Domain Scan URL

URL: https://twitter.com/kibrispdrorg

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/kibrispdrorg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.kibrispdr.org/sims-kostuem.jpg HTTP 303
https://www.kibrispdr.org/

Request Chain 12

https://www.kibrispdr.org/graffiti-marker.jpg HTTP 303
https://cdn.pnghd.pics/data/6015/graffiti-marker-5.jpg

Request Chain 13

https://www.kibrispdr.org/gambar-anime-plastic-memories.jpg HTTP 303
https://cdn.pnghd.pics/data/267/gambar-anime-plastic-memories-10.jpg

Request Chain 14

https://www.kibrispdr.org/gambar-umar-bin-khattab.jpg HTTP 303
https://cdn.pnghd.pics/data/581/gambar-umar-bin-khattab-32.jpg

Request Chain 15

https://www.kibrispdr.org/formular-fuer-anzahlung.jpg HTTP 303
https://www.kibrispdr.org/

Request Chain 16

https://www.kibrispdr.org/gambar-dadu-koprok-hewan.jpg HTTP 303
https://cdn.pnghd.pics/data/315/gambar-dadu-koprok-hewan-50.jpg

Request Chain 17

https://www.kibrispdr.org/background-studio-wisuda.jpg HTTP 303
https://cdn.pnghd.pics/data/13/background-studio-wisuda-50.jpg

Request Chain 18

https://www.kibrispdr.org/gambar-kanopi-teras-rumah.jpg HTTP 303
https://cdn.pnghd.pics/data/381/gambar-kanopi-teras-rumah-10.jpg

Request Chain 19

https://www.kibrispdr.org/foto-depan-rumah.jpg HTTP 303
https://cdn.pnghd.pics/data/167/foto-depan-rumah-3.jpg

Request Chain 20

https://www.kibrispdr.org/boneka-yg-menyeramkan.jpg HTTP 303
https://cdn.pnghd.pics/data/23/boneka-yg-menyeramkan-36.jpg

Request Chain 21

https://www.kibrispdr.org/black-power-logo.jpg HTTP 303
https://cdn.pnghd.pics/data/30/black-power-logo-6.jpg

Request Chain 22

https://www.kibrispdr.org/rumah-lego-depok.jpg HTTP 303
https://cdn.pnghd.pics/data/871/rumah-lego-depok-47.jpg

Request Chain 23

https://www.kibrispdr.org/strawberry-jam-converse.jpg HTTP 303
https://cdn.pnghd.pics/data/935/strawberry-jam-converse-32.jpg

Request Chain 24

https://www.kibrispdr.org/scp-990.jpg HTTP 303
https://cdn.pnghd.pics/data/893/scp-990-28.jpg

Request Chain 25

https://www.kibrispdr.org/coole-rote-bilder.jpg HTTP 303
https://cdn.pnghd.pics/data/161/coole-rote-bilder-20.png

Request Chain 26

https://www.kibrispdr.org/aldi-allium.jpg HTTP 303
https://cdn.pnghd.pics/data/19/aldi-allium-1.jpg

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1

Request Chain 66

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSJ0jNAYbgu95Ly5eB5kbQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1

Request Chain 68

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSJ0jNAYbgu95Ly5eB5kbQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

Request Chain 99

https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 115

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259

Request Chain 117

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 125

https://www.kibrispdr.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1

Request Chain 157

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSJ0jNAYbgu95Ly5eB5kbQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECbyPApCbhXKvgVS1kKO1eg&google_cver=1

Request Chain 159

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

Request Chain 170

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPFrGk8jr0AFONhWOroszCg&google_cver=1&google_push=AXcoOmQbeUzkgSlFAQJlAelv40KN2foNR9MGrrm-XmkSnh5c3nUJDgcR2QfLnnXmy7CmlCDNH_aX6UF2gRzJJGOV1e2N7VB5L5P3 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AwL0XHJIShYCgIR9eb7zJA&google_push=AXcoOmQbeUzkgSlFAQJlAelv40KN2foNR9MGrrm-XmkSnh5c3nUJDgcR2QfLnnXmy7CmlCDNH_aX6UF2gRzJJGOV1e2N7VB5L5P3

Request Chain 172

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENHLeIKP7SROGya7NrMAFeU&google_cver=1&google_push=AXcoOmSuiIQpQwEuWgumghF_3xKjmOkSu0WWkg7ClmdcDZQj-94YDNplzfJbB9Na0SVJK3P84yIObtQ8LHR7yDu8prV94v95l6He HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuiIQpQwEuWgumghF_3xKjmOkSu0WWkg7ClmdcDZQj-94YDNplzfJbB9Na0SVJK3P84yIObtQ8LHR7yDu8prV94v95l6He&google_hm=eS1kaHJRSFpWRTJwSFE2eXptdnRoQl9QS3VtZWk3R2FXcn5B

Request Chain 173

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF51VUHytXMXYiiaChwn09g&google_cver=1&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOafJRnMKlKMN6vp4loUI36qCz0g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF51VUHytXMXYiiaChwn09g&google_cver=1&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOafJRnMKlKMN6vp4loUI36qCz0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4MTQ4Mzk0MjY4ODI4ODgwNQ&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOafJRnMKlKMN6vp4loUI36qCz0g

Request Chain 175

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELlJqud1QsHC98shseTnIHg&google_cver=1&google_push=AXcoOmRzuNxgC0mzr1qwR_9bwbU44ZpvjbEHPEDmVBcLEc3hRbqJTWskaGL1TeijJVOMfn5rbQd6hEk6ru0JTvd7vHvW3K_gfDo7L0I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D&google_gid=CAESELlJqud1QsHC98shseTnIHg&google_cver=1&google_push=AXcoOmRzuNxgC0mzr1qwR_9bwbU44ZpvjbEHPEDmVBcLEc3hRbqJTWskaGL1TeijJVOMfn5rbQd6hEk6ru0JTvd7vHvW3K_gfDo7L0I

204 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request linux-ubuntu-wallpaper.html Show response
www.kibrispdr.org/detail-10/ 41 KB
7 KB 462ms
348ms Document
text/html 2606:4700:3033::6815:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32ae18172205fa1d2643d2b229b99ef6150864c58a4cbcef7ff4c3a1d3b3b3d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 812d50062a181cab-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 09:21:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOPFlj7A6dv2R3zXkTnp%2BxHUt8wJM3UflB4dy2Hjff4Ggpe%2FMS0LE42Qf2J7jN6Q4F7RAZGJwitSVULNTau0KDEkI3Q0loHI6rWobQw0TrFxTc%2Fed9tnrkHi9BIm4bdOrzCtRT3OIlMoB6JCCpQ69Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.pnghd.pics/aset/css/ 152 KB
23 KB 169ms
43ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/css/bootstrap.min.css
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: 936fc28708b694c540046537e9cc7c222a4c60a77621bea8a220d63d962d6a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:11:59 GMT
content-encoding: gzip
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696666030814 130.117.185.101 ConID:685926607/EngineConID:7954227/Core:65
etag: W/"b8e07c8a20536332aa838fb41f6e89d3"
age: 8370
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7WBrgC9WJM6rt_h-Pz5x-N-GjOLGebWvEv9gQyNqNOGVaxVfma0sNA==
x-amz-meta-mtime: 1650465314

GET
H2 200 plugins.css
cdn.pnghd.pics/aset/css/ 68 KB
7 KB 209ms
83ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/css/plugins.css
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head4) /
Resource Hash: 6be0098860e10e261cffd5012b7d2fb0570a3e98d05464b368041ece228b49de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 07:16:51 GMT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head4)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696749411795 130.117.185.103 ConID:530579936/EngineConID:7185913/Core:49
etag: W/"ff6b3a835fd96bce9ef62849c0aeae2c"
age: 7464
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uaHU5NnhdkldnkI793Y_t3CPYTwnXJeBF54h4_4UQfKGIcCD39nMEQ==
x-amz-meta-mtime: 1654044668

GET
H2 200 style.css
cdn.pnghd.pics/aset/css/ 305 KB
43 KB 209ms
84ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/css/style.css
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12) /
Resource Hash: 3fe4e5d5fc1c557e47312257d2e32df4822753e94e976c6487eaee8f942856e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:05:19 GMT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696654956431 130.117.185.103 ConID:512552759/EngineConID:6902114/Core:61
etag: W/"8928b5c11044c0a68096a106318b272d"
age: 15356
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tWu7HAJFZvWVcbBnV6hZz1_yaQ886d7vrTEq1P7YPRL1ijvUPtOQLA==
x-amz-meta-mtime: 1673082385

GET
H2 200 customs.css
cdn.pnghd.pics/aset/css/ 1 KB
813 B 167ms
41ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/css/customs.css
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head4) /
Resource Hash: a313e5fb352d98d1e58dd0836cb6c954c0c2606e28c59cd8f725b7834358de7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:36:15 GMT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head4)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696714568871 130.117.185.102 ConID:523783218/EngineConID:6719231/Core:64
etag: W/"d2520e9da9145036b6bc9ba07ff85bf6"
age: 42300
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kSlR_YKtWC_iZYtKL0QB_rQgDxCIBTM1rDXxTL2vpUW_NhaLK1lkbQ==
x-amz-meta-mtime: 1673844934

GET
H2 200 scheme-08.css
cdn.pnghd.pics/aset/css/colors/ 224 B
717 B 167ms
42ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/css/colors/scheme-08.css
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: 62261e6166d7a7162f8f3a4809b5cb53d36cbd6707abaa7e5493a3d90ec799ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 10:37:49 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 81806
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 224
last-modified: Sun, 19 Feb 2023 08:16:22 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-wasabi-cm-reference-id: 1696675039572 130.117.185.100 ConID:687795274/EngineConID:10026721/Core:70
etag: "d3db1a25c76446ea0524eb255a9f7647"
vary: Origin
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: mVMaATdLEOkCQa2VpqWj4RiLAjegoDjRQCjiL5l4nng0mlIEpnMFIg==
x-amz-meta-mtime: 1650474776

GET
H2 200 coloring-gradient.css
cdn.pnghd.pics/aset/css/ 12 KB
3 KB 169ms
44ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/css/coloring-gradient.css
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: c0e85a804a77384d93c5b83792f0eac15cadae09c46744d33016b16bed720fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 07:13:56 GMT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696749217338 130.117.185.101 ConID:706607019/EngineConID:8130242/Core:5
etag: W/"90f58b7b5d9e1a31e1f088aad9323a2f"
age: 7639
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UJt1M4zch30TBacbHTf_t1pzM-TuLVTm4rwtAOy8vCVxWQMxC675-Q==
x-amz-meta-mtime: 1666712264

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 207ms
115ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1239133184530841

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb6288c0c452016a9d70961e0eb8350e2f7d93dcf6dacaa88f8b213bd83effe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Origin: https://www.kibrispdr.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51019
x-xss-protection: 0
server: cafe
etag: 16110535240790715806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 223ms
123ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b0dea03abdd4c793fbba0f678a968e548555a92facb697b2f38028a73c969db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29593
x-xss-protection: 0
server: cafe
etag: 23 / 19638 / m202310030101 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:15 GMT

GET
H2 200 spt Show response
tg1.aniview.com/api/adserver/ 29 KB
7 KB 149ms
42ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=64c3c249e6895090070d4376&AV_PUBLISHERID=64c3c1fa6897a9c72f00ccc7
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 5c8350b19158354494b7e00f45bcc0ab68ef34f6de0e0b84dae4edc06435aa43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: gzip
vary: origin
x-hw: 1696756875.dop251.fr8.t,1696756875.cds341.fr8.hn,1696756875.cds261.fr8.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 7193

GET
H2 200 logo_kibris.webp
cdn.kibrispdr.org/aset/images/ 60 KB
61 KB 101ms
88ms Image
image/webp 2606:4700:3033::6815:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.kibrispdr.org/aset/images/logo_kibris.webp
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7384941eb6908b87883d686559153ef717aab1046e46501636c51206ce368ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3E9E492CE606A618:A
age: 3237
alt-svc: h3=":443"; ma=86400
content-length: 61594
x-amz-id-2: e3Rn6Xy5b23isEu7xhXiL4hxwRCZlQ9SkzliZpgKGVkGwY3yVZB9BiSkr+HNt8bidYcqPfTu2RbF
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1693919542851 130.117.185.101 ConID:998504430/EngineConID:26730764/Core:64
etag: "fc25476e6e3c36a637cbe6e7180cbcd6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ral60JsJrDx2wBWZqh%2Bl3ZgwuBH8SFWokPa2%2F9b05L4OaVECcQ9%2Fpe51f7GVyAkhP7nG60e%2BxhsfQgKuI2xGCdWI%2B3GOBOFXeYFakj2b4c13x%2BCha3KCl6wr1cKn1NcaL%2BYCktb6K1hRmX3CNKNHFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 812d5008bd341cab-FRA
x-amz-meta-mtime: 1673047419

GET
H2 200 linux-ubuntu-wallpaper-11.jpg
cdn.pnghd.pics/data/739/ 63 KB
64 KB 140ms
140ms Image
image/jpeg 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/739/linux-ubuntu-wallpaper-11.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12) /
Resource Hash: d9d06ad12b0e932d3d87b8448278581aa02c596e6b98ea3d212eba3252e56edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sat, 18 Feb 2023 10:52:17 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756870654 130.117.185.103 ConID:531705275/EngineConID:7196091/Core:47
etag: "a1c59a8a0257b4b582a9a0d3f01ce314"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 64605
x-amz-cf-id: 88UECwK19db90KZkK3adsvlWHTKV0w5I4liXxu9auVkbqQPFNKIfKw==
x-amz-meta-mtime: 1659712722.629004534

GET
H3

200

/
www.kibrispdr.org/
Redirect Chain

https://www.kibrispdr.org/sims-kostuem.jpg
https://www.kibrispdr.org/

64 KB
64 KB

734ms
732ms

Image
text/html

2606:4700:3033::6815:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kibrispdr.org/
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2606:4700:3033::6815:2108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQXMRtCvvA9l7WUDalBn9LlgqbDuRYfSuv%2FVYgvFIBankg5OmrvtaIpwjhQQ7F8T2nAAVuyDV5Llv4YVJSiWOSf%2BVYMxBuUaHNBJ6fG0Xsvhx8VYRVIBCENnw63ovdg9ZFIrRMqFsni5%2FnCEA0hqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 812d500a0e8318d6-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8eXwb%2FrjQq%2B0kJRn%2F4VasILf1Z8FkMeApmx6Ptk2zsQRJsreFh1y4Q0fFO3mfaXY1f6YC30xmqxs%2FEoOcjEmQMGwo5AIUtzHwOKzWcIhheOxmyAKBd%2F7anv1LXaIEAYQ2%2FkQ%2BQVyQvkAbyUwI52%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /./
cf-ray: 812d50087cc51cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

graffiti-marker-5.jpg
cdn.pnghd.pics/data/6015/
Redirect Chain

https://www.kibrispdr.org/graffiti-marker.jpg
https://cdn.pnghd.pics/data/6015/graffiti-marker-5.jpg

213 KB
214 KB

111ms
105ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/6015/graffiti-marker-5.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: 96eaa3385ba7644d7b4bb6cfdbb57a0fe9a6ab1dae6932b8ea27fc8799490b16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sat, 18 Feb 2023 07:21:39 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756867700 130.117.185.103 ConID:531704812/EngineConID:7165259/Core:61
etag: "083e230c6d5cbe67e86becab6733f8f0"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 217997
x-amz-cf-id: PQyW73j3XUnR02vEZdygjCZj6QYZr_rdfhwqBENbsIRSLIJAnD5K5w==
x-amz-meta-mtime: 1659774328.968374042

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymIAryQ19WUGUgOC8jMErSFs9QXz%2BpVYVcrtdKYw5c6nq0fo1tQTxfw2CztgJexoA4SME9H4AHlqC17YnKy1H4nzq5Dd8qrVwSMarBioHeg0eDCEOe%2B56Yoc5ff8hJXDyk%2FaO9XBmIENQiM3CC0HeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/6015/graffiti-marker-5.jpg
cf-ray: 812d50087cc71cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

gambar-anime-plastic-memories-10.jpg
cdn.pnghd.pics/data/267/
Redirect Chain

https://www.kibrispdr.org/gambar-anime-plastic-memories.jpg
https://cdn.pnghd.pics/data/267/gambar-anime-plastic-memories-10.jpg

588 KB
589 KB

131ms
130ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/267/gambar-anime-plastic-memories-10.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12) /
Resource Hash: d8ac369a29db05063577e7554f0f3d302c5b636f7f1ba5ed303f5b9c464c472b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 19:19:41 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756875580 130.117.185.103 ConID:531706055/EngineConID:7134296/Core:7
etag: "ad7670a21c29f8304b94869671c5af8d"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 602307
x-amz-cf-id: kgnTWREwfEUDruSyRfgkcpWDlMp5-3n_v4LwwJQ18T3H5aAHMllZuw==
x-amz-meta-mtime: 1659721930.41763377

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep%2BB2Ay4BeePG4fbg7lJjzuoGL88ltsWXGhFjVyElryUhhNAZkmue6DkRF7Ptw1CCtNbXPrwgbRGrfqsqiKywaTFfHAcZ4eVLZ98De3HUO5go1QtJ%2Bm7Kq5KdfcKlFgyHX2Zpzbd48IOvrkPVcFm2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/267/gambar-anime-plastic-memories-10.jpg
cf-ray: 812d50087cc81cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

gambar-umar-bin-khattab-32.jpg
cdn.pnghd.pics/data/581/
Redirect Chain

https://www.kibrispdr.org/gambar-umar-bin-khattab.jpg
https://cdn.pnghd.pics/data/581/gambar-umar-bin-khattab-32.jpg

138 KB
139 KB

131ms
130ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/581/gambar-umar-bin-khattab-32.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12) /
Resource Hash: 6493ae2f8d7f5e5ba83fd7872faf459810d1b9d19c52cc85e31898fbf87f4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sat, 18 Feb 2023 06:45:09 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756869641 130.117.185.103 ConID:531705070/EngineConID:7156029/Core:67
etag: "2b0404125d4fed91febca2988950be01"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 141687
x-amz-cf-id: 13nk9IQ_o4LtdYpsoV3gkZcdTf5D6nUHSvlBYF6E5BnXV36qPU-MVA==
x-amz-meta-mtime: 1659693536.556776286

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR2s%2FV2c2HQz%2FxXShh6Q1ESlZ3R1EruJgzl8WTWZmV9Eks4jtqtrRwPyPzSdzCgQ%2B4Dfwn3fen3dXDOLKF2pVfOGjSaI0tIC45SSS8glI0Nv0t8%2FDWV4CVaaDBgWFNS2gKSvUYNlfN9oIFmHUw7IEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/581/gambar-umar-bin-khattab-32.jpg
cf-ray: 812d50087cc91cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

/
www.kibrispdr.org/
Redirect Chain

https://www.kibrispdr.org/formular-fuer-anzahlung.jpg
https://www.kibrispdr.org/

76 KB
76 KB

263ms
263ms

Image
text/html

2606:4700:3033::6815:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kibrispdr.org/
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2606:4700:3033::6815:2108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spMJPfV%2FlC%2BVsUCl9AxYrktKcCTcxIKyclB8Q9qxypETkxZ8g8pvdcbcNTZ03sF0%2BAG7VJ2uOt2O%2FzCjiSIep7oXvZ4xL3ngWhNqBdXzjpIsvGzRsB%2Fi7R360Z9R2D7G%2FrDibySzMfhdROgoRTsXTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 812d5009ee6718d6-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z7GhcxLdL2VFYdkgqjJC87yBWuQdhHvAtW6vjpq4%2FY%2FMSLazrzC5e32w2UL6oKJ%2B8ecopHfSrTKdP6okGrephngpQjK3DdpZPRXynerqhz20iNaITi8%2BAODcTefAjkhbateboSO%2Bg%2BED97f47u%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /./
cf-ray: 812d50087cca1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

gambar-dadu-koprok-hewan-50.jpg
cdn.pnghd.pics/data/315/
Redirect Chain

https://www.kibrispdr.org/gambar-dadu-koprok-hewan.jpg
https://cdn.pnghd.pics/data/315/gambar-dadu-koprok-hewan-50.jpg

70 KB
70 KB

157ms
156ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/315/gambar-dadu-koprok-hewan-50.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12) /
Resource Hash: a319e275a48b31327e379e20262dd78a014b788adc93a26857bbdb312193e8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 21:21:07 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756870686 130.117.185.101 ConID:708032066/EngineConID:8115049/Core:79
etag: "581d0cd50a5a302182c872310cc26633"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 71320
x-amz-cf-id: xlHDVPZo8v5E6Wh_e3EEV8YC7jRcuHqyUYH274bPAXUW4CLpB4vyOA==
x-amz-meta-mtime: 1659747958.176434173

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKdvBIVuDH3wYs9Pz9zIBQOmJgnFOng8owXGQiWMNXfK16PzJPhJ2KUxy43dfnAXR2oBC5SCrYbvS3Q0QLO6EGl5JYBwtE2KLcAPxbdttn25bZpesqMxyJO4Az3P3Vgq08fovzjHE8wT3N4Cs679ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/315/gambar-dadu-koprok-hewan-50.jpg
cf-ray: 812d50087ccb1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

background-studio-wisuda-50.jpg
cdn.pnghd.pics/data/13/
Redirect Chain

https://www.kibrispdr.org/background-studio-wisuda.jpg
https://cdn.pnghd.pics/data/13/background-studio-wisuda-50.jpg

229 KB
230 KB

154ms
154ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/13/background-studio-wisuda-50.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12) /
Resource Hash: eb4d6b6d80811992b8411e4668ecf43cbf47dbd5a720f9dd138a3a71f22fa663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 17:20:40 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756867642 130.117.185.101 ConID:708031362/EngineConID:8151230/Core:71
etag: "9885c4562d58efcc64670ba4973bb41f"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 234927
x-amz-cf-id: o7LX2rCt_Ybl-P7DmDMbCBI_jGZEBWRi7qhZRljTj8P6hYLtpyAZMg==
x-amz-meta-mtime: 1659763186

Redirect headers

date: Sun, 08 Oct 2023 09:21:16 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpUCPgKzp7O6JxA8IfAD7eTH8ami1E4nwbQ7z7%2Be%2FTnXqY2tcBlE7VViHbk4m%2FAgIsNet10pbTufUs9A02YMuq95Q0GdlmXbymJx2ncGoK%2BAqJTLVYmVxfLZrDqxwJuPSoa2mhWRZbJ5FSADC3%2FJMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/13/background-studio-wisuda-50.jpg
cf-ray: 812d50087ccd1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

gambar-kanopi-teras-rumah-10.jpg
cdn.pnghd.pics/data/381/
Redirect Chain

https://www.kibrispdr.org/gambar-kanopi-teras-rumah.jpg
https://cdn.pnghd.pics/data/381/gambar-kanopi-teras-rumah-10.jpg

48 KB
48 KB

84ms
84ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/381/gambar-kanopi-teras-rumah-10.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12) /
Resource Hash: 69ddbcb4bf61d457e462559d6e17799779c4c7e0b6c71457c7d116f2ea298e50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Sat, 18 Feb 2023 01:14:16 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756870197 130.117.185.102 ConID:531705174/EngineConID:6811392/Core:62
etag: "9ae66274f4d98d4cb5ceaf97c6bd87a4"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 48905
x-amz-cf-id: w0kGxTJUx-lK6szTpjCSl1R2eRMFebt3QfeReQ0Wpd9CX3WXDLBOrA==
x-amz-meta-mtime: 1659697833.664760982

Redirect headers

date: Sun, 08 Oct 2023 09:21:16 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep0eNP0a3yqr7UmkwFgUboIPSAZoNYYtidlVTvu1p9DBESxuGHkoqXjtj63iVzgaOC1Q1NVN7hWkRIgx2y%2BwfOAQxPaB%2FxAuDg1QBhCE7XQ9653EanTimD3V1Y6ItdamEcnV%2BqLJ4RbzB5lbUpbYXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/381/gambar-kanopi-teras-rumah-10.jpg
cf-ray: 812d50087cce1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

foto-depan-rumah-3.jpg
cdn.pnghd.pics/data/167/
Redirect Chain

https://www.kibrispdr.org/foto-depan-rumah.jpg
https://cdn.pnghd.pics/data/167/foto-depan-rumah-3.jpg

55 KB
56 KB

86ms
86ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/167/foto-depan-rumah-3.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: 939bda21bfb1c1654664f9694d444019077d7f5e16ac1589e0882451bb082f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 15:09:56 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756869709 130.117.185.101 ConID:708031773/EngineConID:8213670/Core:65
etag: "5ba76201615b6418b360f509cb308c6c"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 56526
x-amz-cf-id: r4FBvSrV4t3qJt-ABNmj-3cJGZ7Nle0GOZSr2UoQm9WhgsHX-N__pQ==
x-amz-meta-mtime: 1659760237.706894283

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEoocevdAooICb04GxZF8ksGHzShrwiana7bVnjR8YabI7N8pXr7Ve4mX%2FSwOn0uDQEU%2F0Y6Dmcwsxu1%2FiB9ZsHkClzG57Yjatc2ADYOLkYFtkGloBECR%2F%2FidMb0MeFGfcKQH1PjUzNhPdhdkVgcbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/167/foto-depan-rumah-3.jpg
cf-ray: 812d50087cd21cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

boneka-yg-menyeramkan-36.jpg
cdn.pnghd.pics/data/23/
Redirect Chain

https://www.kibrispdr.org/boneka-yg-menyeramkan.jpg
https://cdn.pnghd.pics/data/23/boneka-yg-menyeramkan-36.jpg

64 KB
64 KB

100ms
94ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/23/boneka-yg-menyeramkan-36.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: c0d0c7a6a7cc8368cc8c167f51d21ce950bb10db64a1aba108ca2210935e79fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 18:27:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756872421 130.117.185.103 ConID:531705554/EngineConID:7097374/Core:15
etag: "e8276b901ddf1593d09f1b563e6dbfd3"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 65482
x-amz-cf-id: x93AJvK7qSgoBy-zy66GAMWwQAM_bDPMsV32Jw0mg7OXa4DRJtSbCA==
x-amz-meta-mtime: 1659762089

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzhrMBNLoIbQK7dY7wGC4ZuvaWJ1q22vVXDYLoOiQN7cMTEJ6UjLyLOMZcdC6kJrGJ7Vma%2BUwvP3OB9Z6ZeRRgbc4SB%2Bgo3VQp6Y5Lj%2Fnq38uWL3YspWyA1rdv9al5gSjbfVOIJjCMes1Xb6MErHAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/23/boneka-yg-menyeramkan-36.jpg
cf-ray: 812d50087cd41cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

black-power-logo-6.jpg
cdn.pnghd.pics/data/30/
Redirect Chain

https://www.kibrispdr.org/black-power-logo.jpg
https://cdn.pnghd.pics/data/30/black-power-logo-6.jpg

25 KB
25 KB

98ms
98ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/30/black-power-logo-6.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: 9ba82f97cbb7957a95505585e8cf4df056217a0256e41b9bdc5dd47d76494d8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 20:17:46 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756867655 130.117.185.102 ConID:531704808/EngineConID:6725870/Core:18
etag: "29e9c59f0163f4eaf181c4759ebf2284"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 25110
x-amz-cf-id: rDFoMmc15NzCOzSvjqaVG-379tM1mii1iTpflr4KrcfwP1UhzDr7sA==
x-amz-meta-mtime: 1661510368.08664019

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=So1HUtfGILva2pdMuQVAwdgVrNqOAeF3cHqnI1P%2BjpxSNjHV00j1mSID6GUag6If6ubMsq1IMa005wbJD2coLP9S%2FZp2zqZ%2Fwin8PJtMxyDmxTjirziH%2FrqltRm0%2FCZbbblGckRy8NYXth1gCYoplQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/30/black-power-logo-6.jpg
cf-ray: 812d5008bd2b1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

rumah-lego-depok-47.jpg
cdn.pnghd.pics/data/871/
Redirect Chain

https://www.kibrispdr.org/rumah-lego-depok.jpg
https://cdn.pnghd.pics/data/871/rumah-lego-depok-47.jpg

72 KB
72 KB

124ms
123ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/871/rumah-lego-depok-47.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: c8ac0b35cb0e4d7a954fa6b90eb28bba6a8b7a9e0c90ecb12cb9781509f0894d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Sat, 18 Feb 2023 13:38:00 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756867640 130.117.185.100 ConID:708031361/EngineConID:10374571/Core:58
etag: "9e6a20039a4a0a53247323360019cfb2"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 73237
x-amz-cf-id: Vx4N3fynMXxe3yW33MKUry9VmLXIbFoqnNQ8Hz8HfdJuCvNGxemilw==
x-amz-meta-mtime: 1659711030.920111576

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olNSi4Vuf%2BIFW%2F9CFr9Y5gq%2FrE7KkeTZETAj%2F9mvEKaoyojF1nO4iAkrNTO7L%2BRVOc%2Bq4J8Hntej5p5UUHLkhxsaIXhwtdUM%2FylH7f%2F9IN3Y5fwlzNhVcWIjhQ%2BJAmbbS%2Ff5qQj3TqpeLFp4Smq7DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/871/rumah-lego-depok-47.jpg
cf-ray: 812d5008bd2c1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

strawberry-jam-converse-32.jpg
cdn.pnghd.pics/data/935/
Redirect Chain

https://www.kibrispdr.org/strawberry-jam-converse.jpg
https://cdn.pnghd.pics/data/935/strawberry-jam-converse-32.jpg

15 KB
15 KB

79ms
78ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/935/strawberry-jam-converse-32.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: adfecc948f69313c97c6c6fa230ab8c727c6c84971222dfc90a6ed3c95cbaff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 10:25:49 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 82526
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15139
last-modified: Sat, 18 Feb 2023 15:37:56 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-wasabi-cm-reference-id: 1696674349265 130.117.185.103 ConID:516209282/EngineConID:6885452/Core:17
etag: "c2d059be5abdd34268281ad159b070dd"
vary: Origin
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: ptOU5XRU7XyOo66DhN8pBGXRastyWTouCHN2kYVn8SKShLMtxAAvuw==
x-amz-meta-mtime: 1659707763.983396782

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpULbAqPe7vSA3Va%2Bb4Fh0G9AifGGhOJEy7HPTlwaxDh6ax0C2Kt6t5n5HpA2LXlhF%2BMRrYKui7LPeXXLXT2DBcID07PcmZlCpIDVbBrZ1nzdCg1MODeQBXiB2Y4InPaaU3nC%2B%2FiRclDaqeVm5kx%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/935/strawberry-jam-converse-32.jpg
cf-ray: 812d5008bd2d1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

scp-990-28.jpg
cdn.pnghd.pics/data/893/
Redirect Chain

https://www.kibrispdr.org/scp-990.jpg
https://cdn.pnghd.pics/data/893/scp-990-28.jpg

145 KB
146 KB

138ms
137ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/893/scp-990-28.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: eb481da6943ff90659d633d2627cd3a2538ea30dcd791bd540a416a61d1499f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Sat, 18 Feb 2023 14:33:19 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756867767 130.117.185.100 ConID:708031374/EngineConID:10399545/Core:50
etag: "68dd52a994d3b5fe63d2758e3e880a79"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 148860
x-amz-cf-id: I_E1lGhtMoyWv9NE5lOwvviEzjOmhExHyFE_pbvQY6cQeA8c72pN-w==
x-amz-meta-mtime: 1659773795.828454871

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b06m3N%2BNaOy64vBE6T5IbS3EAVPxWHoaZny72J1SxvNpkC%2BU0JlfhvX0h1MGPLnM%2FYG7x01M1dKr6OINqLnhKpgoQdWKgawCU01WkTGbcexRTT4jlgMGCEArkr8vbjK7RXEsztqpD91Pe6xE1xHkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/893/scp-990-28.jpg
cf-ray: 812d5008bd2e1cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

coole-rote-bilder-20.png
cdn.pnghd.pics/data/161/
Redirect Chain

https://www.kibrispdr.org/coole-rote-bilder.jpg
https://cdn.pnghd.pics/data/161/coole-rote-bilder-20.png

68 KB
69 KB

162ms
161ms

Image
image/png

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/161/coole-rote-bilder-20.png
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12) /
Resource Hash: 200dee27d7ff2ce47ef24b62a988670383263fbbeb183c7eed7e599175f81e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 14:39:53 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756875998 130.117.185.100 ConID:708033317/EngineConID:10353562/Core:72
etag: "0f95a2e7878131057d3a908d578e66c2"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 69867
x-amz-cf-id: e8rgJ02NJZHBDQHhr8F6RhMjIFO9n_IqzRtZ4PI_TCLe3fGvn1-Bqg==
x-amz-meta-mtime: 1662199214.188297959

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FNx56lkOaef5LFK%2Bmqu3dQPARhfhN5AOf0MDBfdFjGfp1qrQhenMPa9f9CrnVIZvqS5u6Yn%2Fk08lcN2JXu6kWg7f6oaPWc%2BPnR2xPxrWVP%2FJfQiaRNPacyqAsFP6%2FXFydTU%2FPizZSq4jymPDpENow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/161/coole-rote-bilder-20.png
cf-ray: 812d5008bd301cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

aldi-allium-1.jpg
cdn.pnghd.pics/data/19/
Redirect Chain

https://www.kibrispdr.org/aldi-allium.jpg
https://cdn.pnghd.pics/data/19/aldi-allium-1.jpg

14 KB
14 KB

103ms
102ms

Image
image/jpeg

2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pnghd.pics/data/19/aldi-allium-1.jpg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H3
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: 891edf3e5ec398b442b9f387793c3e4304776de3e96697ae4204dfa4c620fa15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Feb 2023 17:27:40 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696756874060 130.117.185.101 ConID:708032847/EngineConID:8154554/Core:69
etag: "c30d0a850a4bd8002c729fc535945ed4"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 14030
x-amz-cf-id: tet161syfA1lj3AK2NvmfasMu4MvkKmEC5I-pD7HynABTG0Xne41sw==
x-amz-meta-mtime: 1661484139.596976786

Redirect headers

date: Sun, 08 Oct 2023 09:21:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jusACSlkUIyEGqV947COwDCfNoSJVWY30Iw5rd%2BjjMHQRW8BZVFXL2iBlC57xdxAluNlsQOPRtPHtz6GECyu4xt9uUGSDHY5tblzR3VHZ93gndLrBfAr6HxwOm92i9lLGA%2Bbw%2BRxam%2BqtfhK9lOlHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cdn.pnghd.pics/data/19/aldi-allium-1.jpg
cf-ray: 812d5008bd331cab-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 banner.js Show response
strodong.github.io/blogger/ 341 B
680 B 246ms
147ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://strodong.github.io/blogger/banner.js

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

bafc6b02cb01cfdb4dfb4e6d93ac5389eeb63bc136db92b4baa2e0a157207cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-fastly-request-id: 2305a5d2e7e143abc1f75ba7e3245610fdf0e1f5
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Oct 2023 09:21:15 GMT
age: 0
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: HIT
content-length: 253
x-served-by: cache-ams21036-AMS
last-modified: Thu, 10 Aug 2023 23:30:10 GMT
server: GitHub.com
x-github-request-id: 2EA4:6606:129BB23:130CD23:650CD453
x-timer: S1696756876.684851,VS0,VE105
etag: W/"64d57302-155"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 21 Sep 2023 23:49:02 GMT

GET
H2 200 plugins.js Show response
cdn.pnghd.pics/aset/js/ 527 KB
144 KB 90ms
90ms Script
text/javascript 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/js/plugins.js
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12) /
Resource Hash: e809beff76ac0155f41f07b08ce2e0bbb3e817aaa99954077a71932015142959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 16:29:34 GMT
content-encoding: gzip
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696696174448 130.117.185.100 ConID:691953186/EngineConID:10076311/Core:74
etag: W/"88693b9e20039d0345f8da49ab045e94"
age: 60701
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YaSVTBdEgjINyzN8qMPixx4MFKA51jkmNDzc_P5cYDJlXz-9dxBnGg==
x-amz-meta-mtime: 1673105016

GET
H2 200 designesia.js Show response
cdn.pnghd.pics/aset/js/ 80 KB
13 KB 137ms
137ms Script
text/javascript 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/js/designesia.js
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12) /
Resource Hash: b5b75803d849d09634248b2111690b992e578a8a5b8c38d3381e498397cd8cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:54:12 GMT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R206-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696654406457 130.117.185.103 ConID:512435062/EngineConID:6981218/Core:39
etag: W/"ff56f1318c4d86e2d4bcdac03c0f65f5"
age: 16023
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Eum-28sskMiynzOhq0-N_SUPrQbfwpRjSOw15WjExhu81M_pj4sEQA==
x-amz-meta-mtime: 1666710438

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9601536-26

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f21bad43d34adafa5e76e094e56a45bc275ac98bc994f74c8836035b6151620a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 09:21:15 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 456 KB
132 KB 163ms
42ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=64c3c249e6895090070d4376&AV_PUBLISHERID=64c3c1fa6897a9c72f00ccc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: b7ab63d94e541965c72713e5a1703be797850dc070f101938910e303011bbefa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 15:42:12 GMT
etag: "1696434132"
x-hw: 1696756875.dop226.fr8.t,1696756875.cds143.fr8.hn,1696756875.cds108.fr8.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 134613

GET
H2 200 track
track1.aniview.com/ 0
98 B 390ms
117ms Image
text/plain 35.169.13.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=64c3c1fa6897a9c72f00ccc7&cid=64c3c20d5a910e432b0c75d6&cb=1696756875742&r=www.kibrispdr.org&stagid=64c3c249e6895090070d4376&stplid=63db4b2dc8b7c748800ebd06&d35=&d65=&d66=8&d74=&e=playerLoaded&str=viewable
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.13.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-13-38.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
902 B 140ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@200;300;400;500;600;700;800&display=swap

Requested by

Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3fe5f3bc15b6e004540f8378f815b552e34a04260b8b8b6b930081cc1211da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pnghd.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 09:21:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 09:21:15 GMT

GET
H2 200 font-awesome.css
cdn.pnghd.pics/aset/fonts/font-awesome/css/ 37 KB
7 KB 82ms
81ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/fonts/font-awesome/css/font-awesome.css
Requested by: Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: 0e85590640946c32df45b93943bac4f6c376783029f93a122327f0790296118d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pnghd.pics/aset/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 17:48:27 GMT
content-encoding: br
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:22 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696614037655 130.117.185.100 ConID:668035512/EngineConID:9752815/Core:28
etag: W/"2d42cdf48fb0a4aed3e1a43cba7726c2"
age: 56299
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tpTaWWO53CtuAfqskOFuiQnN0K8oSynrq0gNBWXveoHEEIbvmerkYw==
x-amz-meta-mtime: 1623710652

GET
H2 200 style.css
cdn.pnghd.pics/aset/fonts/elegant_font/HTML_CSS/ 25 KB
5 KB 86ms
84ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/fonts/elegant_font/HTML_CSS/style.css
Requested by: Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: ef20e6454d107e698e67fc13a44c9ecb7d76d4ea84900371682502f75c99c8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pnghd.pics/aset/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:11:59 GMT
content-encoding: gzip
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:22 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696666032450 130.117.185.102 ConID:514749436/EngineConID:6545246/Core:20
etag: W/"bbb79964f1980eaab2822f83c2c75d9d"
age: 29846
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Q-OKioq7d3ucCRRPiR2rsTDs2CtGoi9oHjuos2J5bxdekuOW5PsKGw==
x-amz-meta-mtime: 1380820666

GET
H2 200 style.css
cdn.pnghd.pics/aset/fonts/et-line-font/ 7 KB
2 KB 85ms
83ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/fonts/et-line-font/style.css
Requested by: Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: 4b2ef7a267f6e6ec05e6c4cf9c71247271650a82716774767ce4285edb5c2ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pnghd.pics/aset/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 10:37:51 GMT
content-encoding: gzip
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696675051135 130.117.185.103 ConID:516316602/EngineConID:7056042/Core:29
etag: W/"a6431aff83b44ab55177544ec4113613"
age: 81804
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pTyoXAeLeZW6mJSOTIyRrq6zxIPZP6YRViKLjAoPle5zy867nEkF3Q==
x-amz-meta-mtime: 1390832708

GET
H2 200 icofont.min.css
cdn.pnghd.pics/aset/fonts/icofont/ 90 KB
17 KB 85ms
84ms Stylesheet
text/css 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/fonts/icofont/icofont.min.css
Requested by: Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12) /
Resource Hash: c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.pnghd.pics/aset/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 07:12:02 GMT
content-encoding: gzip
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R106-U12)
x-amz-cf-pop: FRA56-P6
x-wasabi-cm-reference-id: 1696575728061 130.117.185.102 ConID:493101917/EngineConID:6301804/Core:78
etag: W/"bc3386881ee767bbb22f98017933f769"
age: 7753
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FpCq2YwOsLilocgPd0xsLQp0Iv4Y2fLABX1Jl-sBNRUar2ldu82CcQ==
x-amz-meta-mtime: 1533797940

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 218ms
137ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1239133184530841&plah=www.kibrispdr.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1239133184530841

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05ba15e7c88102f7b1face40c8df1bba2dfd2f66d16a209952460f2644e87f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135178
x-xss-protection: 0
server: cafe
etag: 12601095518186124840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 3D54 10 KB
5 KB 125ms
39ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1239133184530841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Sat, 21 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:14:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3976
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 07 Oct 2024 08:14:59 GMT

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v14/ 36 KB
37 KB 133ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v14/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kibrispdr.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 19:06:54 GMT
x-content-type-options: nosniff
age: 137662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37000
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 22:08:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 19:06:54 GMT

GET
H/1.1 403
Forbidden invoke.js
sluicebigheartedpeevish.com/7274f145ccd626ed577bfbc551f6d59e/ 0
0 1386ms
122ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://sluicebigheartedpeevish.com/7274f145ccd626ed577bfbc551f6d59e/invoke.js
Requested by: Host: strodong.github.io
URL: https://strodong.github.io/blogger/banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.kibrispdr.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 08 Oct 2023 09:21:17 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 fontawesome-webfont.woff2
cdn.pnghd.pics/aset/fonts/font-awesome/fonts/ 75 KB
76 KB 83ms
42ms Font
font/woff2 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/fonts/font-awesome/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cdn.pnghd.pics/aset/fonts/font-awesome/css/font-awesome.css
Origin: https://www.kibrispdr.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 07:04:33 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
age: 8203
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Sun, 19 Feb 2023 08:16:21 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (R204-U12)
x-wasabi-cm-reference-id: 1696575763135 130.117.185.102 ConID:493108500/EngineConID:6236860/Core:14
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, MOVE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: NKrbWz4QlgR_VmROaPyr7BpQehNn8OR2KYYpFbLRYyas5icm1NDpIg==
x-amz-meta-mtime: 1566520530

GET
H3 200 ElegantIcons.woff
cdn.pnghd.pics/aset/fonts/elegant_font/HTML_CSS/fonts/ 62 KB
63 KB 83ms
43ms Font
font/woff 2600:9000:2490:8800:d:7521:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pnghd.pics/aset/fonts/elegant_font/HTML_CSS/fonts/ElegantIcons.woff
Requested by: Host: cdn.pnghd.pics
URL: https://cdn.pnghd.pics/aset/fonts/elegant_font/HTML_CSS/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2490:8800:d:7521:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5) /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://cdn.pnghd.pics/aset/fonts/elegant_font/HTML_CSS/style.css
Origin: https://www.kibrispdr.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 10:37:58 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
age: 81798
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 63664
last-modified: Sun, 19 Feb 2023 08:16:22 GMT
server: WasabiS3/7.16.1950-2023-08-24-c6d9c0fd32 (head5)
x-wasabi-cm-reference-id: 1696675075113 130.117.185.103 ConID:516321164/EngineConID:6863282/Core:21
etag: "fdd9e757bf61675343dcf55100422b84"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, MOVE, OPTIONS
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: Date, Etag, Content-Length, Accept-Ranges, Content-Range, Server, Location, X-Amz-Version-Id
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: raU0w0l6y_M5XBf0-UF83Jx9N2eN1M__MSpShfnDP_WSNt2uHC-EGg==
x-amz-meta-mtime: 1380851402

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 711ms
711ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4418733989599691&correlator=3193516593021001&eid=31078259&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22731072168%3A22540162842%2Ckibrispdr.org.Banner0.1690548715&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C320x280%7C336x280%7C360x300&fluid=height&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=www.kibrispdr.org&abxe=1&dt=1696756876087&adxs=42&adys=929&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=kibrispdr.org&loc=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&vis=1&psz=1516x0&msz=1516x0&fws=4&ohw=1600&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=false&dlt=1696756875564&idt=488&adks=3252221900&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93acdd0868422cb8ea8372774a74bd16ce2e66e5168a213fa56ab890fc826542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9554
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 344ms
344ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4418733989599691&correlator=3193516593021001&eid=31078259&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22731072168%3A22540162842%2Ckibrispdr.org.Banner0.1690548800&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C320x280%7C336x280%7C360x300&fluid=height&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=www.kibrispdr.org&abxe=1&dt=1696756876095&adxs=32&adys=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=kibrispdr.org&loc=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&vis=1&psz=1560x0&msz=1536x0&fws=4&ohw=1600&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=false&dlt=1696756875564&idt=488&adks=2337158597&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b740be1e50481f53692bb7516edde9815ade5d5da7be6301121c74af48254e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10830
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8366 6 KB
3 KB 156ms
48ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Mon, 07 Oct 2024 09:21:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ui.js Show response
player.avplayer.com/script/8.3/v/ 372 KB
83 KB 44ms
44ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/ui.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 7681541ea33eafab1faa265a579e1bf4f9a12c36008cec5cb01b29fc0a07046c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 15:42:12 GMT
etag: "1696434132"
x-hw: 1696756876.dop226.fr8.t,1696756876.cds143.fr8.hn,1696756876.cds342.fr8.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 84738

GET
H2 200 sprite.svg Show response
player.avplayer.com/script/8.3/v/ 14 KB
5 KB 127ms
42ms Fetch
image/svg+xml 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/sprite.svg
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/ui.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 3b9e90a5fbc13fff5ac8342cd2af0316342cf5070859cddb621b3ec1f94896b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 15:42:12 GMT
etag: "1696434132"
x-hw: 1696756876.dop251.fr8.t,1696756876.cds101.fr8.hn,1696756876.cds164.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 4831

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 6E98 448 KB
128 KB 155ms
41ms Script
text/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64c3c1fa6897a9c72f00ccc7
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d2279c20b628cf8050e193b6099cbd98ae75a282acc0d7d98d411741936f88d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsRI-oMUo4cfQqo-O0IU8zovxJZf9YvQNC0tb4rKNY0ZROOx0MlmNv1BxQrwJS3g581HgtuRfbwAH6aJ5Dit7vz8RV7A6Mo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 130747
last-modified: Sun, 08 Oct 2023 08:36:21 GMT
server: UploadServer
etag: "140d5d49d08ab672de929ef34abeaced"
vary: Accept-Encoding
x-goog-generation: 1696754181709576
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=jT0LYg==, md5=FA1dSdCKtnLekp7zSr6s7Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 130747
accept-ranges: bytes
expires: Sun, 08 Oct 2023 09:31:16 GMT

GET
H2 200 gg.jpeg
storage.googleapis.com/console-prod/static/1647248968103/ 4 KB
4 KB 127ms
39ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/console-prod/static/1647248968103/gg.jpeg
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2eeafbf6e8c39cb74e58548f68bca84b2a785ae31e065f81b01247cb2bbba3a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:59:00 GMT
age: 1336
x-guploader-uploadid: ADPycdt77t_MdtvMbq2p_HMIZuYEgMJFPgU4JyKospSEvPQlZ1dgvzDJGUmyonSDiwfNpKSsLx8Uaokzrtog9OUydzdIC5RmOvSf
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
last-modified: Mon, 14 Mar 2022 09:09:29 GMT
server: UploadServer
etag: "3e44c151a10676877ecadd43815d7c9c"
x-goog-generation: 1647248969723090
x-goog-hash: crc32c=WKvvuQ==, md5=PkTBUaEGdod+yt1DgV18nA==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 3945
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 08 Oct 2023 09:59:00 GMT

GET
H2 206 EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 51 KB
0 76ms
42ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.kibrispdr.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
x-guploader-uploadid: ADPycdt5NRSb09GQ11zyvbrkkkXQJ8V2OGscMU3Ge8SQx2qhCwzmJJzY0GCz8NChhBS9CDGbyElaSHsMi1U0uyFZXRrpvw
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 0-12864437/12864438
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 12864438
last-modified: Tue, 21 Feb 2023 14:59:02 GMT
server: UploadServer
etag: "1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation: 1676991542343592
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers: Content-Type, range
cache-control: max-age=1800
x-hw: 1696756876.dop251.fr8.t,1696756876.cds341.fr8.hn,1696756876.cds159.fr8.c
x-goog-stored-content-length: 12864438
accept-ranges: bytes

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
421 B 48ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kibrispdr.org&callback=_gfp_s_&client=ca-pub-1239133184530841

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1239133184530841&plah=www.kibrispdr.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdbfe137f5064c22a1874bff725a30ba8eb72f3c35d19c1b1c1108af55e41ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C7D 10 KB
5 KB 459ms
459ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1239133184530841&output=html&adk=1812271804&adf=3025194257&lmt=1696749676&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696756875865&bpp=9&bdt=301&idt=620&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5264257890677&frm=20&pv=2&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078363%2C44795554%2C44804783&oid=2&pvsid=4418733989599691&tmod=2127866241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=650

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdaef2e2f4525f0046229e0e865f7d64c5ea19f5c39cf54d9228a0214e50e725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4459
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Sun, 08 Oct 2023 09:21:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D84E 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Mon, 07 Oct 2024 09:21:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E041 436 B
511 B 433ms
433ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1239133184530841&output=html&h=280&slotname=9433365836&adk=3563561369&adf=666181767&pi=t.ma~as.9433365836&w=1200&fwrn=4&fwrnh=100&lmt=1696749676&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696756875932&bpp=12&bdt=368&idt=605&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98424db7b2fe99ed%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MbeZT2R8lqhxwzq7hz6Ao6CQrghKw&gpic=UID%3D00000c91ad3bbf04%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MY83NNw4oN_QTpf2GXCxx-dH0d-FA&prev_fmts=0x0&nras=1&correlator=5264257890677&frm=20&pv=1&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078363%2C44795554%2C44804783&oid=2&pvsid=4418733989599691&tmod=2127866241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CopEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zk9dtiQkrH&p=https%3A//www.kibrispdr.org&dtd=613

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdd88d419308a1c4a115a80480de2d4513af5f0216baac7b15c2bf26d789b159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Sun, 08 Oct 2023 09:21:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B107 624 B
537 B 82ms
81ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWVvui6R4-hLjLy9bNkWgKFa-oixOs0ct1lndwj0rvbGDxUcTud_TcM7Q5BOxv0XwcB4bB7WGwbk430CDq9SSMx4CFCJuBJ4qeLRtFsqNbs09p7VbeRwPz9Am56tD5UenTaXjiLYeMHHEKaDqq3zhg53QgGalf6kgDky2lgXgHMkcwnFsw

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Sun, 08 Oct 2023 09:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D84E 89 KB
31 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D84E 42 B
63 B 83ms
82ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvEHzwRRlVMN71Y40Rh1S2E7vuxOWqxIqElpgxE-ZByXGk_wnCZv8eKfQULyp0NdDTE_E_XXNGoSo3Et4E4pl5I5hpF_2SszDW3Z5LImfIihLWXvk

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D84E 0
20 B 107ms
105ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13899249231744807610&x=1&ct=77

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D84E 3 KB
1 KB 153ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 08:33:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D84E 20 KB
9 KB 152ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D84E 187 KB
59 KB 154ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:16 GMT

GET
H2 206 EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 626 KB
0 106ms
106ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.kibrispdr.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=12156928-

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
x-guploader-uploadid: ADPycdt5NRSb09GQ11zyvbrkkkXQJ8V2OGscMU3Ge8SQx2qhCwzmJJzY0GCz8NChhBS9CDGbyElaSHsMi1U0uyFZXRrpvw
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 12156928-12864437/12864438
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 707510
last-modified: Tue, 21 Feb 2023 14:59:02 GMT
server: UploadServer
etag: "1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation: 1676991542343592
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers: Content-Type, range
cache-control: max-age=1800
x-hw: 1696756876.dop251.fr8.t,1696756876.cds341.fr8.hn,1696756876.cds159.fr8.c
x-goog-stored-content-length: 12864438
accept-ranges: bytes

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B107
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1

43 B
335 B

56ms
56ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWVvui6R4-hLjLy9bNkWgKFa-oixOs0ct1lndwj0rvbGDxUcTud_TcM7Q5BOxv0XwcB4bB7WGwbk430CDq9SSMx4CFCJuBJ4qeLRtFsqNbs09p7VbeRwPz9Am56tD5UenTaXjiLYeMHHEKaDqq3zhg53QgGalf6kgDky2lgXgHMkcwnFsw
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dv6P77KFQh3n6o5UenYBLDuUJQ7pO7fH%2FoH836eYMu22f1flBWo0qA4B4HO9D5bpNNxfXtPd5grX6z%2Fe3mRZpTDhdFfQhY8PBPArpyKyJwyATpNyo4tOJBg15q5HidIYDZhNmTCFNV71cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812d501059379106-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B107
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSJ0jNAYbgu95Ly5eB5kbQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1

43 B
774 B

53ms
53ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWVvui6R4-hLjLy9bNkWgKFa-oixOs0ct1lndwj0rvbGDxUcTud_TcM7Q5BOxv0XwcB4bB7WGwbk430CDq9SSMx4CFCJuBJ4qeLRtFsqNbs09p7VbeRwPz9Am56tD5UenTaXjiLYeMHHEKaDqq3zhg53QgGalf6kgDky2lgXgHMkcwnFsw
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqorQRY8T6dX2CRk8Ie4Jahs9%2FrUB5hjE9xf53a6A6xzX%2BygdSbkhSAxzn3XnObyzC5qWGoKNACHQp62E%2FAo9hyKnYMlp%2FG%2FCEqoITEZzYeEquwhaGjjuEUm4v9Z%2BQFQV0njQFtbfYl11A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812d5010fd60926e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B107
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1

43 B
834 B

40ms
40ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWVvui6R4-hLjLy9bNkWgKFa-oixOs0ct1lndwj0rvbGDxUcTud_TcM7Q5BOxv0XwcB4bB7WGwbk430CDq9SSMx4CFCJuBJ4qeLRtFsqNbs09p7VbeRwPz9Am56tD5UenTaXjiLYeMHHEKaDqq3zhg53QgGalf6kgDky2lgXgHMkcwnFsw

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
an-x-request-uuid: ddfed43b-3aea-47d6-836b-a0b74fabf68d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B107
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

170 B
243 B

50ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
an-x-request-uuid: f8bfb422-9ea2-45f4-b087-26654553f585
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 573 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 224 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D84E 0
20 B 80ms
80ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=865514870318&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D84E 0
20 B 98ms
98ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=865514870318&version=m202309260101&ct=77&x=1&cor=13899249231744807000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D84E 16 KB
12 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFp5uvIoQJo07fkJT0OMQlx5rYZNdjrPqiBl2BtNmGPpd9mZ8aEAZLg5xyfsP2Lb4QSIL5zQ_Iyaz8tEmIW-EnPuKmr8SY7U1PPdV6iqrof-ZS8rnDEnSQLRK-LCI9w8eM1hMZNeZi-EE8pr8cAdRF52fnPkbx-1JPjP3wGJrtJjakCfA&cry=1&dbm_d=AKAmf-CMYLGICP8dcakMMu6vrc1Vt4QvSjl11K3wKFGF1NA4LIs42x-5Hao3VRjki66CdgMhmXLGJZXM5QJqHOlWxJCsvUCCDDapc4bTiZPACNz8Md4b1WCubz1F2kC0PFegN1TXbQk8z8Q8BE5P3EygA_0GJErLPZ-KkpolvEvsaTpCtBdVLvCSv5ghpT3q6oNK4fH5EuKbbzPsVXGKrfmcaaYNU0FIc9dMUUqbURiUMPfC1OVXArOZYtjosCokFc968_nlvtoSu86eawifvtRfEV6FbpbFG4hk58fwHO8PlTvnwJ0fb19hH1cHqtzpfG-zLDQqHgBPo9aA0xZ5YXrBJG-30gglI5n6_YPYp-iEPFaIMgt760qFtsmdYUKlkp9QGOypdr-Ok9vKW1U2yyAHwqeYw1UH85_-Mk8Ix972W88Fhch_vq6da6y4TPnGep-NwnFA-qiFmH_qfMjun7Dcotsl2vnFt-ES2asiQ_p4qa50T0U1j4zzuQDAUFwZD7zfXB0aZniFPCQ8JjxWyBfOOzw0aAxPQlMBiOZbcmrMGsEuz5XbxV5GgUB7Jo9_Tt-rs42n2Xjx38yFiShzjLmwaIy8sH0xd7HJpY_QmcqJB03usdF9bIodYqRoQNAFDa7omoh5asY51XlImLMfnEEwCVIrMJRdRlpQJsFbjTsE9PO_VOSdQoHm2LcKir9GeiH2KFlfTgjo8hWl-5eKkF1Tr3oHYtQFRYtunGzeUBx0GHzywJYPBpObWBPC3FJSaz0ofgcGtwUm7ZI3mCcJL6wNnYmgTWwQQ6iDRderJazAS3q3yf2xUu7hzutMVzZj5djcyEJHPSo8TEt6G8dRYJyMOQO5ysXHJtuP-QffpNNk47jVbpi9bO6_yfmvmiOj-EkybbX_gKDJZ5V9qvprHiovhrny3PLQ0Uss3PprW2zR-WKO5sCBlotZSBZGah7cJF11tyGWPCjvHvNBJ73n7MHDEYVS256yDuDa7ZMxTjSUb3tkkMdJSIHuRW6AD2UjDN5D2QeiwHd97DXwXvDfPWp0VJucfwJAY12IaD5INeDr_VTDjDfOlOC_9v8ytexPGEiIDMBUkDeXWGtKJGC0IR1JtxIGJRKMGYHhGjrb1bYqyn_mXc8H-Ct9JqSBLrsWQaW4jWIOhKzXzYuia7xxZGYyUlIEjBQ_buqD6wzSXFcqtGsVpB2ut5Q5JuCZt1ltAwxKYj04E8qrFqbH_ZXH74NCsMYvql6vCWOOI79HKr5M59unTOYFSBTMHky4X0O02-HJLeZktBhcw7nPQDfI4jyD0mlZhRqf0MRr9RZEgtlG2hL-5-g--crLb_wiN-qapufZ0j0p2sQqrcyto0bLYA8EUG4pGyeYHXTO7on7nJ_49xWhtyqKab40z0F_2SBiTVZs8PZbEWNY5uYvOEyv-aW93STVFM__r0c_WxNHnCVNs5CbtAEAu_Hp4Sif4yI-YMY9w59aiMge50bCWGvAusmLQTW5_9IlSHooCOhNB6rPp5dMnEFjShm66QeaneyZ63yK8C61J2kis-2gP-ZP5sOX_LjpxUZ1OfUh-L4IqZfCuuV-bd2S0C9NP4dwFwhg4mJXTEIZg1K2tatD2XEymqY0JtCdSr5LrSMNCkQ6re4A6RDvWHL4KK2bux76YEbrpOVRUKVXz6I7S-D80Rrq0W5ZeUW7zxAoJlGGA-HWOfsA3AZlOLBMSnw9z5_AiGO4IdNpT2MD-2T8oRFO4p8beG_HosY5TN9IgmiL54zWsUOc4ryED_JEwh7CnYmQMXMqix_B6p2P_1w5e9PnN5l9MMNlK7d-HQscuV0k58aQjKzgP4HkvaPRMgf1fyYXHdgZtWgB91cpzUw2Q65bMIiY2nIEo5GyafROsRSaE9qpPj_fB2bDwjSmmGvnVd2ymTzqD4d1Bm7igsBrKDt7MhU05wI5ES1ducGwyvb0eYCeewOphLulBqeXT7P9BJW_8knGQ_dp3zEP4a5F8NAKTeUGDtFVQW1BdGvbQBrMJLeuaaTvlKYP5_GUFnKe-m34Lf3Xen7fNTMCKB53e_tXsYgq7Wmluk7h2zPMhz6fkqWyXhUJM547VtTC06l8Gp8R-89chHr4Dux6YgexMFcvGmiWBvjrVcSuxXu6RlbooUfsISY8WIDff-rRkckqXAvm-dRgaslDFBKL_enioYrXmbxG9e1GWORJr2D2xt7BXvf33oFJFFkV7-6xRec4Tf2TvbIzd5gR0L0wt2c15H6MqVieZfCORLNRYvW1FaWkJjlNY_q6CeJ1-paNxzY1GNTctcU2hwbsVH6fAUOzpewG2kgO1rc8zrpkbe5CmPSCgGUHLIFY3Lf2fUnpnv69c9RYPNFaeOT64h5y10nmqk_tHPmpyxGPB0XBV2kOJychVr8v8fz4loSOu6CVdUSBWEViT5o6PLBIhf52njv4tMNsJWwOYy8ADHhaeieQF3DlR04rCzb7-pOpfyXiAZTL7ARLBkM1fwDdIiJ80RvuqJmNRQeJgaREOR4GINXzUqCCszqZTvBO67BKRgZ3LMZMYvOKt87sOAL-Kk6XCLoUTNn_SMI7hO_WRdnKXXJdZkUq9LsRMaoM-86t_5_ouhe_0s1MOS2eQHaxVUL_7A6GmvvyQAdL6daTUziEmSS1tmw6m_EwHfSLd1XThFk6LnZJ9KgzhXsYf8fxW8P-F9aQ7G5ZBpTJdTLOwqVmoX4srZACcJqCktKb0QJ67zfgwfai6MdqZYgY7K2yOurVrRgRhIaTIDL9hBG3n81eAYFPK-csr3kjgas19GdvGtX1DlUUxBDgRmVZTqcKkKc6QfRxgL4jSrbXUE-ysUPpemuPPDr-k2OZ2ECxwAmLcu8T_RgPT_Z0m4V5LvX5xnbJTUYEtN87SDAI920ckOWPgM7CKtp1aTFnFCYqJCMagfW1iR77I3nxYMndrd23GTKGJWyVxzfyGs1r3fmgVGffTP8L0TMGVYoCOWTODYpDu4UDQvoVgcoi6SdObGCbVkGHI0YdOr0T2vZ72wqQv96I8lO5ojyPJEQ0FBz2TCWojXGpXQSbVt2EDaar65RVg06USVwz_CS0v_0HkHeN9H5amCIgOwRNGrEaXgj60PNzZCx06Pp3OlKw0Xgy8zf8GeFe5OjiOwBRw1YfvWgZLMNTPvsjzgiVSTPAV6EzPuyTu81m5pbmMTvzfM1Rw69ZehqdcTcpwkmXiP_HqqK3Vhscy4q1Ac1oAI0A4Iyl5mnjUenjgVC_kQmwu6YghA3PY6v1hD0wA_9h-y324-C2apUqcGED96SvrNyXK2fy5sbjQGZ-RjBj38gIZ_DBMEwxCwkGSGeOs7F7-kjao-FU9m2i9l6miNA_3tZ8_TKu23pSEYaXCXUxtjhsT3-vqxLeVwOIjWU9hACTNeCYfA-cKjRi0A5gRHi0aLuQW48xpKABggIWUFJIh4T0A9KfCgph-UwtPd8cRshla9NllkwcOkymtOystj9hP8tAonZeP3zDmEfzrq7nRp5RfrVGs6M-XEu07ceeDajbhxWWu1kie4CHcT-fp6_SYuiZeBeOsx-v1mpmy9g0gCelZSvRaZC2mgbH1lJhRkCzpxtCQ9d0AzpXqYb_xvWXXjBHdy9FASkafm8c_ikmMXeoT8M1BMPQmzJI27nI01keqkrDknB_u5nJfzCQgkjoX2MaEM0i3Insh78hEUGnmgQgM_Qc7sbe1lQGaKzwiUuKJpGLUNrSXsS09p0A3vf9HxH3SNNivxSaC78M4lx6mCIuQc97KmpkXze2Qhvfgiky8qVlkAloW9UUO2CcDrHvWa5zLY0FUjwdZ07dFCeyHO-jLNQecJX6DVEKGBuaSHt67pmDQCncgE38rimx__tJ9IMwOu6BnPwNP8dFxYQ&cid=CAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kibrispdr.org%2F&ds=l&xdt=1&iif=1&cor=13899249231744807000&adk=1964084972&idt=103&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37c1b11e165d13864ecd250be6427e7e22e2a7ff445fa8040ead3be0ded94d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 0
0

GET
H2 206 EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 83 KB
83 KB 47ms
46ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 3a6daf1f4ec77731af33a661119a766eb255e734f45db82f435e3b510d198c22

Request headers

Referer: https://www.kibrispdr.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=12779520-

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
x-guploader-uploadid: ADPycdt5NRSb09GQ11zyvbrkkkXQJ8V2OGscMU3Ge8SQx2qhCwzmJJzY0GCz8NChhBS9CDGbyElaSHsMi1U0uyFZXRrpvw
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 12779520-12864437/12864438
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 84918
last-modified: Tue, 21 Feb 2023 14:59:02 GMT
server: UploadServer
etag: "1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation: 1676991542343592
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers: Content-Type, range
cache-control: max-age=1800
x-hw: 1696756876.dop251.fr8.t,1696756876.cds341.fr8.hn,1696756876.cds159.fr8.c
x-goog-stored-content-length: 12864438
accept-ranges: bytes

GET
H3 200 container.html Show response
7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 11EE 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Mon, 07 Oct 2024 09:21:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D84E 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFp5uvIoQJo07fkJT0OMQlx5rYZNdjrPqiBl2BtNmGPpd9mZ8aEAZLg5xyfsP2Lb4QSIL5zQ_Iyaz8tEmIW-EnPuKmr8SY7U1PPdV6iqrof-ZS8rnDEnSQLRK-LCI9w8eM1hMZNeZi-EE8pr8cAdRF52fnPkbx-1JPjP3wGJrtJjakCfA&cry=1&dbm_d=AKAmf-CMYLGICP8dcakMMu6vrc1Vt4QvSjl11K3wKFGF1NA4LIs42x-5Hao3VRjki66CdgMhmXLGJZXM5QJqHOlWxJCsvUCCDDapc4bTiZPACNz8Md4b1WCubz1F2kC0PFegN1TXbQk8z8Q8BE5P3EygA_0GJErLPZ-KkpolvEvsaTpCtBdVLvCSv5ghpT3q6oNK4fH5EuKbbzPsVXGKrfmcaaYNU0FIc9dMUUqbURiUMPfC1OVXArOZYtjosCokFc968_nlvtoSu86eawifvtRfEV6FbpbFG4hk58fwHO8PlTvnwJ0fb19hH1cHqtzpfG-zLDQqHgBPo9aA0xZ5YXrBJG-30gglI5n6_YPYp-iEPFaIMgt760qFtsmdYUKlkp9QGOypdr-Ok9vKW1U2yyAHwqeYw1UH85_-Mk8Ix972W88Fhch_vq6da6y4TPnGep-NwnFA-qiFmH_qfMjun7Dcotsl2vnFt-ES2asiQ_p4qa50T0U1j4zzuQDAUFwZD7zfXB0aZniFPCQ8JjxWyBfOOzw0aAxPQlMBiOZbcmrMGsEuz5XbxV5GgUB7Jo9_Tt-rs42n2Xjx38yFiShzjLmwaIy8sH0xd7HJpY_QmcqJB03usdF9bIodYqRoQNAFDa7omoh5asY51XlImLMfnEEwCVIrMJRdRlpQJsFbjTsE9PO_VOSdQoHm2LcKir9GeiH2KFlfTgjo8hWl-5eKkF1Tr3oHYtQFRYtunGzeUBx0GHzywJYPBpObWBPC3FJSaz0ofgcGtwUm7ZI3mCcJL6wNnYmgTWwQQ6iDRderJazAS3q3yf2xUu7hzutMVzZj5djcyEJHPSo8TEt6G8dRYJyMOQO5ysXHJtuP-QffpNNk47jVbpi9bO6_yfmvmiOj-EkybbX_gKDJZ5V9qvprHiovhrny3PLQ0Uss3PprW2zR-WKO5sCBlotZSBZGah7cJF11tyGWPCjvHvNBJ73n7MHDEYVS256yDuDa7ZMxTjSUb3tkkMdJSIHuRW6AD2UjDN5D2QeiwHd97DXwXvDfPWp0VJucfwJAY12IaD5INeDr_VTDjDfOlOC_9v8ytexPGEiIDMBUkDeXWGtKJGC0IR1JtxIGJRKMGYHhGjrb1bYqyn_mXc8H-Ct9JqSBLrsWQaW4jWIOhKzXzYuia7xxZGYyUlIEjBQ_buqD6wzSXFcqtGsVpB2ut5Q5JuCZt1ltAwxKYj04E8qrFqbH_ZXH74NCsMYvql6vCWOOI79HKr5M59unTOYFSBTMHky4X0O02-HJLeZktBhcw7nPQDfI4jyD0mlZhRqf0MRr9RZEgtlG2hL-5-g--crLb_wiN-qapufZ0j0p2sQqrcyto0bLYA8EUG4pGyeYHXTO7on7nJ_49xWhtyqKab40z0F_2SBiTVZs8PZbEWNY5uYvOEyv-aW93STVFM__r0c_WxNHnCVNs5CbtAEAu_Hp4Sif4yI-YMY9w59aiMge50bCWGvAusmLQTW5_9IlSHooCOhNB6rPp5dMnEFjShm66QeaneyZ63yK8C61J2kis-2gP-ZP5sOX_LjpxUZ1OfUh-L4IqZfCuuV-bd2S0C9NP4dwFwhg4mJXTEIZg1K2tatD2XEymqY0JtCdSr5LrSMNCkQ6re4A6RDvWHL4KK2bux76YEbrpOVRUKVXz6I7S-D80Rrq0W5ZeUW7zxAoJlGGA-HWOfsA3AZlOLBMSnw9z5_AiGO4IdNpT2MD-2T8oRFO4p8beG_HosY5TN9IgmiL54zWsUOc4ryED_JEwh7CnYmQMXMqix_B6p2P_1w5e9PnN5l9MMNlK7d-HQscuV0k58aQjKzgP4HkvaPRMgf1fyYXHdgZtWgB91cpzUw2Q65bMIiY2nIEo5GyafROsRSaE9qpPj_fB2bDwjSmmGvnVd2ymTzqD4d1Bm7igsBrKDt7MhU05wI5ES1ducGwyvb0eYCeewOphLulBqeXT7P9BJW_8knGQ_dp3zEP4a5F8NAKTeUGDtFVQW1BdGvbQBrMJLeuaaTvlKYP5_GUFnKe-m34Lf3Xen7fNTMCKB53e_tXsYgq7Wmluk7h2zPMhz6fkqWyXhUJM547VtTC06l8Gp8R-89chHr4Dux6YgexMFcvGmiWBvjrVcSuxXu6RlbooUfsISY8WIDff-rRkckqXAvm-dRgaslDFBKL_enioYrXmbxG9e1GWORJr2D2xt7BXvf33oFJFFkV7-6xRec4Tf2TvbIzd5gR0L0wt2c15H6MqVieZfCORLNRYvW1FaWkJjlNY_q6CeJ1-paNxzY1GNTctcU2hwbsVH6fAUOzpewG2kgO1rc8zrpkbe5CmPSCgGUHLIFY3Lf2fUnpnv69c9RYPNFaeOT64h5y10nmqk_tHPmpyxGPB0XBV2kOJychVr8v8fz4loSOu6CVdUSBWEViT5o6PLBIhf52njv4tMNsJWwOYy8ADHhaeieQF3DlR04rCzb7-pOpfyXiAZTL7ARLBkM1fwDdIiJ80RvuqJmNRQeJgaREOR4GINXzUqCCszqZTvBO67BKRgZ3LMZMYvOKt87sOAL-Kk6XCLoUTNn_SMI7hO_WRdnKXXJdZkUq9LsRMaoM-86t_5_ouhe_0s1MOS2eQHaxVUL_7A6GmvvyQAdL6daTUziEmSS1tmw6m_EwHfSLd1XThFk6LnZJ9KgzhXsYf8fxW8P-F9aQ7G5ZBpTJdTLOwqVmoX4srZACcJqCktKb0QJ67zfgwfai6MdqZYgY7K2yOurVrRgRhIaTIDL9hBG3n81eAYFPK-csr3kjgas19GdvGtX1DlUUxBDgRmVZTqcKkKc6QfRxgL4jSrbXUE-ysUPpemuPPDr-k2OZ2ECxwAmLcu8T_RgPT_Z0m4V5LvX5xnbJTUYEtN87SDAI920ckOWPgM7CKtp1aTFnFCYqJCMagfW1iR77I3nxYMndrd23GTKGJWyVxzfyGs1r3fmgVGffTP8L0TMGVYoCOWTODYpDu4UDQvoVgcoi6SdObGCbVkGHI0YdOr0T2vZ72wqQv96I8lO5ojyPJEQ0FBz2TCWojXGpXQSbVt2EDaar65RVg06USVwz_CS0v_0HkHeN9H5amCIgOwRNGrEaXgj60PNzZCx06Pp3OlKw0Xgy8zf8GeFe5OjiOwBRw1YfvWgZLMNTPvsjzgiVSTPAV6EzPuyTu81m5pbmMTvzfM1Rw69ZehqdcTcpwkmXiP_HqqK3Vhscy4q1Ac1oAI0A4Iyl5mnjUenjgVC_kQmwu6YghA3PY6v1hD0wA_9h-y324-C2apUqcGED96SvrNyXK2fy5sbjQGZ-RjBj38gIZ_DBMEwxCwkGSGeOs7F7-kjao-FU9m2i9l6miNA_3tZ8_TKu23pSEYaXCXUxtjhsT3-vqxLeVwOIjWU9hACTNeCYfA-cKjRi0A5gRHi0aLuQW48xpKABggIWUFJIh4T0A9KfCgph-UwtPd8cRshla9NllkwcOkymtOystj9hP8tAonZeP3zDmEfzrq7nRp5RfrVGs6M-XEu07ceeDajbhxWWu1kie4CHcT-fp6_SYuiZeBeOsx-v1mpmy9g0gCelZSvRaZC2mgbH1lJhRkCzpxtCQ9d0AzpXqYb_xvWXXjBHdy9FASkafm8c_ikmMXeoT8M1BMPQmzJI27nI01keqkrDknB_u5nJfzCQgkjoX2MaEM0i3Insh78hEUGnmgQgM_Qc7sbe1lQGaKzwiUuKJpGLUNrSXsS09p0A3vf9HxH3SNNivxSaC78M4lx6mCIuQc97KmpkXze2Qhvfgiky8qVlkAloW9UUO2CcDrHvWa5zLY0FUjwdZ07dFCeyHO-jLNQecJX6DVEKGBuaSHt67pmDQCncgE38rimx__tJ9IMwOu6BnPwNP8dFxYQ&cid=CAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kibrispdr.org%2F&ds=l&xdt=1&iif=1&cor=13899249231744807000&adk=1964084972&idt=103&cac=0&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 12:26:28 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame D84E 11 KB
4 KB 135ms
40ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1696756876145865&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e323d06dfaeb8c647791ed12d837d7069c8fbabad549739f588429383b8c69d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 09:21:16 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4200
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 206 EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 65 KB
0 53ms
52ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.kibrispdr.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=32768-

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
x-guploader-uploadid: ADPycdt5NRSb09GQ11zyvbrkkkXQJ8V2OGscMU3Ge8SQx2qhCwzmJJzY0GCz8NChhBS9CDGbyElaSHsMi1U0uyFZXRrpvw
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 32768-12864437/12864438
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 12831670
last-modified: Tue, 21 Feb 2023 14:59:02 GMT
server: UploadServer
etag: "1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation: 1676991542343592
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers: Content-Type, range
cache-control: max-age=1800
x-hw: 1696756876.dop251.fr8.t,1696756876.cds341.fr8.hn,1696756876.cds159.fr8.c
x-goog-stored-content-length: 12864438
accept-ranges: bytes

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3BE1 624 B
245 B 83ms
81ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYzPGb-AEwAQ&v=APEucNVwYs7ha0jmscxfk3eEeFC2k49oS7SNJgjWOYF9-NcGKVAq4rskcIGUOnl9XunQCDxr6q7U-Pr_-BtNqmYxkiWh921cR9DDo_bV9h6UPnhvF_vokJ023qbfI91WiE4iV5hGYeeqWCjivgmdADboPVheg9Fcp_oGf6CTJGSdwiWeUtd-VwQ

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Sun, 08 Oct 2023 09:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 11EE 89 KB
31 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11EE 42 B
63 B 74ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEgUa9nPxmrhKaFZP8yw-_DS3f6vTyj0nb41vC0XXV4IDw9jtz9Xt29EgdA6_uD71QcSY8jYa7mQZ-hiPRDAHKOYAFqQbQhTrD-4gddDAnMAI8_5U

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11EE 0
20 B 109ms
107ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10713323696432818401&x=1&ct=76

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 11EE 3 KB
1 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 08:33:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 11EE 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11EE 187 KB
59 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:16 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 95FA 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 178948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:38:48 GMT
expires: Sat, 05 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 95FA 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3BE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1

43 B
728 B

59ms
58ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYzPGb-AEwAQ&v=APEucNVwYs7ha0jmscxfk3eEeFC2k49oS7SNJgjWOYF9-NcGKVAq4rskcIGUOnl9XunQCDxr6q7U-Pr_-BtNqmYxkiWh921cR9DDo_bV9h6UPnhvF_vokJ023qbfI91WiE4iV5hGYeeqWCjivgmdADboPVheg9Fcp_oGf6CTJGSdwiWeUtd-VwQ
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwi4FWsRvAwmtLyjHV8zgHrlKswwepOPb2v9kekixR66%2BUg3nybe9Wk0Yr5sY64aN8XT663mfRpTlLopwxJHH2FF0pgt3oggUhR%2F5j4IKG6jodw2DwC1NQfFe8Qulosns2w5t46BS3jS9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812d50118da7926e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-8GYJh8cRQ94tDrSY_QWw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3BE1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSJ0jNAYbgu95Ly5eB5kbQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1

43 B
731 B

61ms
61ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYzPGb-AEwAQ&v=APEucNVwYs7ha0jmscxfk3eEeFC2k49oS7SNJgjWOYF9-NcGKVAq4rskcIGUOnl9XunQCDxr6q7U-Pr_-BtNqmYxkiWh921cR9DDo_bV9h6UPnhvF_vokJ023qbfI91WiE4iV5hGYeeqWCjivgmdADboPVheg9Fcp_oGf6CTJGSdwiWeUtd-VwQ
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hAXSNq2ufgLg67m61UoKlE17ltsZLNwA7YTgAaH6RHNb7IoY%2BZ6xtAxsunqJY3mAUzyg5MZh%2FkK9i%2FrYv4pNo7hQ3ZMXUWjiar8AoUB1l7LiDYlwS6nGZJJXXAhnVgI3KCTULgD67taWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812d5011edea926e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3BE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1

43 B
838 B

43ms
43ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYzPGb-AEwAQ&v=APEucNVwYs7ha0jmscxfk3eEeFC2k49oS7SNJgjWOYF9-NcGKVAq4rskcIGUOnl9XunQCDxr6q7U-Pr_-BtNqmYxkiWh921cR9DDo_bV9h6UPnhvF_vokJ023qbfI91WiE4iV5hGYeeqWCjivgmdADboPVheg9Fcp_oGf6CTJGSdwiWeUtd-VwQ

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
an-x-request-uuid: 6858404a-f89e-4508-8c68-752591003ea4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOgyXF37Lm1zycOFCHYIHuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BE1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:16 GMT
an-x-request-uuid: b95d35b8-6c52-4482-9496-47f993b18b5a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame D84E
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

191ms
112ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 72e8e6ec865030e75174384a1222b77e6389c4ff5fb503d9f4f1561ca87b6b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 09:21:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 74125700035872704444994012471007
Connection: close
Content-Length: 1329
Expires: Sun, 08 Oct 2023 10:21:17 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 09:21:17 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 08 Oct 2023 10:21:17 +0200

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11EE 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1698717520065&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11EE 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1698717520065&version=m202309260101&ct=76&x=1&cor=10713323696432818000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 11EE 80 KB
37 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKSYwNK1gwozZpzoCWBjVcIN6F_dDEXCzHmRTOuqkUsw6BURhT2JvUCFtpdTz_guGaXG0LNuOvSKxbJ2CaKRM4Q8LAlw&cry=1&dbm_d=AKAmf-DPItppohem7H3_T-ZROQTw0EPtktUEctvtsiPCGpZs4W3FI8zQoRS4jvKhe_EvUWl3O2q39HR3d7gWtdQxxRne90tM6c9YNNvyq-CVD7_fJj7gr9cmkq-bRoC4dMPYKwu3FwyjoHKVjGfpGiwINwqClYIhO18j0JvX7amvLOA8Lv-uwwfEROHg0nF7YWL-g2RiaRR5uvIOQQ0xtnF3NJhsF6CtipJg5JUBkB2nVlE9PZlGTAqTXi20NIIwNhcRZpatmbfnLqC-Wp7S0hFB6-LjrecyXdlyjBwP8pn63rrgHs835Gg5VqpXc68O-tbIJe6ypTU0IJwabDH7ZYo8PfRp_fJUtbX6Ck9rUuGW70jcJoWfVbLKuRlZpRDGcsLP-MtRR9OqiGe_NK2qU1Syhdxd57ITCm0-oj93ioai6oTDAileX-kNmALOZAvOWEh465wkJQAnsh6RlTS5zZ8I79dHUinSnb2yKujwJ88c-8LCSZs5akpTSB0nXG_NqsEHAsITZ-Vtp3jjCeT7i4wpxK9DrtEe15GinuHRSEIIwYVUm2trhR29Zex5rUWm6NjVgkan8GSu2bHUBHAnjxagmtszUcMaF1VocznlK329xBpLJ_GKOi7ZIfS2rEOTBAcTFkE5iTjBoWFnFSdCadA7mdd-nzoSr6P3ARJPnFcqeRoJoTdJAStFY-I5rZXChbsxFgW_Pt7k6-cjDsrFwghyVIbueCJDYwiSvPKutqweI0YWEDJwERb5EDrsWIo53jn_Fp7qdQKFkfjLJuT7WHi2UfASy-BvON5TBgcM_NtSZ6Uy2BoCSV-pnM-agWEMDEhXRpWvpm10JH10h-nCWa98OE0TrAGKaL3Tv549JJ0IsKOxDXVvZChPUB3Pz-6Tucr-RtRVubpXIV_tAYLKWDAf_P__gFQCbv1M66Wlml5AV-kZ0mcgeN2taHwHXRLyBTkKqTUV3PuliVubMNz8JWmFBIxiXPaJfPIgv3btf68T3hYYJOqXVKcLZRiWXTT7q5kb2lhq0N5BIlGOyCz8juITYMYqQOx5SgAHPnxHujti4xhBI8jP4NS8AJh-nduxMwde0mtEYuA86vki0TIkFyFacoDogjjvftvOON2Rqc-_ANT1mJIDYSgyaIMg9DEAd2XzyHAz_1EyjitDV3IjmPwzYc5ZJULFGFR6QBfQs9zO9o6Yyb4BWnSeHFMuD-PMjKbe2-DLnQ6BJMhd_8fQdsTWDF_nx9LUkEGq-3r0Zlx-ABYBbsUxaAW7bNsXD8MuVAX-kL9bzO_qKB0sSRKb6rTCQlxSUPJqszSNSCxDMdHfhPHbVF7_BgAh7c-yJtldYRLmh4f1TS91ZjNulSyBstNMEBwx1q3WClZtsWZE3s2XToHP5kqp66bhV_4IVqh84JRB5RsR7LWfIgaEjwChZ0HK3id5x7ACKScVbe2EzpnQDo_ydi0AzHm1UI6lm8Lg54xhW8NHdQ3RJtzMKiP3b-C6WwKOkFyMOa5hnzZNYR4LLlSgi0c1NFWFiDtv_5QwU8t1puiU6b57lHYRijmkO_v4Q3dOSRludN3xVXJULx_IK9iYs5ADD4udY-ygnG8xykFCrwfXMAZWZlKdGCM5A7QLk095MueKR7NuYhCmMpUg5QJ_q7Xkp5UJnblXhoJkKjAvhoD5tYa-I4J_jiftFtF8cWm3YC_ZZbp9v1Uu-kPWefUYfb_pQY0zHvqGA3FUKKsjUTlBBm9CpsgDYla62aRRHu7XaUzWvhZmkSruOl1k5jxwMLHfODrgwIk5BIVMrrkV5JUk9dlc-GjywwvtBgmn9WEmIsCYIFVAQVyVx3S7DjYa3nyVmlf3-gyMss3biG6u9IrWXz_HipNuvmuuTf1ZOJii88N9_WttoEn9dgSXhkrtmRXz04mUA7U6PaJSP5H68bORyU6RuvQqW9dqQ43vUOO1w6jy1KbMLtkILs9TSdqX4wc_NXLkRwjMiNCj0p14KgvHf2fI7jxpyeYVK96byU5cIjWgMk0usuBvphlgX6Isq-xZ-3WfVcYn7iWUQdDZLaGsdtycB8Nf_CjH5gk1yRmdh13TQYznJjtnQ4sLJAdTt7cbTbqKSUM6pX-ziXJ5w6l5r9B4abgzEaGb6yCPQWgSX_HypUobrJa2fXfjiwLYQs74minFeNWL30XN_T0iL2L6LK8axqbi1-1Ft3mACJjI2czkNrV0lZJhbefgpKlkHvop62CFAu-EyhxIOtfr6nTzypNCIZrg-RVhrcKo8UOwm1Kohq4BGDlGg1bvSo0zbvFQBoWzDb4PBkjR_abGVpDPNBQpkJFcHTJP_-SHeUR7l78yxx5RZCi1RWBhXHbycGusFuvO8MeiGVCJNKJkr82BD2sTn9OVL85Qt6bs8JAfuWD_3z4YQI_4iSESfNepkQDLiDX_1xeDy3pwUMphR0nA1GGWo2VgbVibXI4epKkBC8vuhrxzvHi4cqhc_Yy01e1FYzUJRU51LekVrwqCxc2mUBfKPCRVUUchFtbja9bC0B242lSnIFF36kUf0YcFEc-zSZuUWkAoGT0BSk4LoE6KcDTi-xa-BEOIfAiMjPjdjX2BGc1WMlQQFvdlcAPdy3f3YV789-kNgqUMKCN_ooLI3kig-7TdZ51Fomyx-7oKi1ocxuRqGo8x-1eQlrxbfoB0XkYhja5iLFjgU2NU4ZKxy9YXQnuZ1jfH2zj0WJjAbBu6Rubo0RTJSTCCfdVkSk12CfcY5az6lS_P_nLbJTO8iL1jqiG0Wyl8Au1tcFvrew6Ht2DGNIselt9x7WxZlpfhX7itOm5-8n1ithTkPSHM7dQq4Gj-1fC9nI_xkf_jT4_yuXfNOuNp8iLUoNb3OeWS-CJqbH5WbdJIcPApfzvs_Og81xwENmIQ_oNYQF8Pz3xSYv7cjsDM2wr4QmOlo6oSGF6gkX1WqD3vfaz9Vbtp_rkRn3qrc4JlVwwC_Bjmn2PJEeI19t1DpgF5dvcWMiTq8YI_KpvkFQ1XXpsDYJNBBGkPIDpDTEpGH5rn8k-sALLWrhczujWA2eHG-7T3Qx8oE798sH-6Hdnf7j-PsUj7RQSvX2GLfl-DwYvxes4jiQJFX6LqSyPJsbUD8IFsGnlP2J7UDsNTMEVQV7-LSNO_Jq2bv6F3Lzj--B7Jv6CzhpKB2RP6UiLW3bUVIrAhM1W02G9zLLaD8QZLenloFJ1i5A7jlzNNrToXXwxq-iX6Z4coqX9mkMy2gO8mXsTUBx869PC2K4PHmQoicid7nljJ4h_3ELZgOJ4lzXXhjQSHzTKstjZj533G1v925lDKbO1wlOXBinU3xsvBgSGhQ4BQEzvSFTlu2uoGhHFCxnOjCFAb6DSmC9B8KBJ5cex0NtXdVh3A53aAubZMR4M4MjEqHLMErcVCTZpMjOltf4NunjHWAQ0KCUBYVFS1LVA-_Z2L0Zyz2kswppYeKvfH0YHdlHR-ZfG6OjqhwtEWLW0iPmwWR-zix6-zQ2OkFmus9y5O7MzMPDY69P-aHDzr1lRmS06AUIaHUye6BX-T3EhoQEP_CIHJcxqV_0-4K-n46QLeP_Wi1-KKtfh0EJbGjlGIVmNcdlB6SZsBBASXClvKLrNQew&cid=CAQSTADICaaN0zpli--6C-QcDwhLT00kjFmEr7jnwz945x1dS-3NZ6gtj2x5QnKEYWRZEQ-b3ywGlwq0jK6AyUJ64BISiex-8XO9NKHcBwIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kibrispdr.org%2F&ds=l&xdt=1&iif=1&cor=10713323696432818000&adk=3047537735&idt=135&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1fa7234408d31c2ff8c33143d4c3292cfa923adb32c4f5848a4dcb16a2f08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37672
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95FA 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv8AcjHQiZd7fL5-H1PIPu_qBwAIAAAAAOAHgBAI&bg=!YmGlYS7NAAYMG8UMLBs7ADQBe5WfOGG6Uol46Q8yDPCNlJaMLr-fEnTfekGo_Tg7s7E7JI5ThcuWZvQcixPVqzrUiNteAgAAAEhSAAAABWgBBwoAaDq0P3nNrqZT0SU6T-j1ndQhNZVVc0qTT8WWzJMna83Llu8_GwKtHgJnyU7nbgVU1u67T60qOjFsr1vHrj_urqaQ-L2kr-JqiMQR4zsSC-CDBTAnCz3u_BZeVA5bhX0XxPdoXir4D0NTmQL-rq_KwbZTqxPIj7CzyeKkNvipXBBCWyneNOQOWFisOHcPbCRhvt9oznv00O7IMqp_hVJyl_EwFZ009cMybkFa33xr8hNjDd5sXY8ims1-M0lAJ5qGXsrlpQWAhdkSUK_dWlYn-6vy-WvsRFfUsf6Y8tOZ_jvqc2Fl2CZRbi7-fKQKNQaRgwzVdNY72nvJNSzL5hWLKe06rap2ikfNldQmJjwoy47TnllUqw2o-6z0_xhdu3kg6W0bkIBjPcgRKwPw41wru7aOSzZstsZQTxRUupxeXL6QGkgtGUqZ1YqmfsZ5aEuHqXmcNSv663qfkveSdMYCCbSX3Z6d0C6sGhhJJybAXZHmgE8aT1Dqz3wZD6RkcbmFe_lIPiRDh-SbTShoionlhKIkikjx9Gvcs72MzNX4QUqnz7ktye29ZLPo5zs9up8mmC9F0QDazO3VknwGJvMYjDeOwlGoLqVro-RK9UgzptYP0_FWQJFUw-gpZpwmFNgqHd6xIldwTH-rlg10K8C1SNcsT_qTh0iDG2Os4oeGvoUVPoGmFv5zX4mbuRMrSzXhIh9rDXOVQeWP1lIeyXEe3xENEoNvJAZzZq7XKQHGK9qUzXsc74q1yszi8OFuMRQc0tOJrhi5zG7UwCynv9f5hY0un09E114bv7HAKFRIK-rTtrAREAhjAhBigbrpRG_jdckdl15V85Zkq6UFUCosFS85o1CSz3SlANje8CLMnj-MyWs2konvWAOTwGCih0SwL4Ty4y2cQpfzni4sUCHgn3XvnXWoBqDf1YAseG_Ap6Ewh6oKy3Q-XTpb3h1vA-E4yx2kxJi0TLoSNmCTubEM1hgw3Dc39E9aqaHWFQQmueQuZ4WeZuCSvuX_oxB7ouYp0v0ChYxbJx7DxlT93lhX9IHXytn4G59qIYRcdmj1U2pUbtc19D6E53BtjvJkeJ2uVbiUIl5krLhkicoKGqOGtZnBE8KCR7E3c1vgX2GJCPaOaPU7DrOb8oHWUIcNQTjytTeIwPkzQMZ6Pw

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 11EE 30 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKSYwNK1gwozZpzoCWBjVcIN6F_dDEXCzHmRTOuqkUsw6BURhT2JvUCFtpdTz_guGaXG0LNuOvSKxbJ2CaKRM4Q8LAlw&cry=1&dbm_d=AKAmf-DPItppohem7H3_T-ZROQTw0EPtktUEctvtsiPCGpZs4W3FI8zQoRS4jvKhe_EvUWl3O2q39HR3d7gWtdQxxRne90tM6c9YNNvyq-CVD7_fJj7gr9cmkq-bRoC4dMPYKwu3FwyjoHKVjGfpGiwINwqClYIhO18j0JvX7amvLOA8Lv-uwwfEROHg0nF7YWL-g2RiaRR5uvIOQQ0xtnF3NJhsF6CtipJg5JUBkB2nVlE9PZlGTAqTXi20NIIwNhcRZpatmbfnLqC-Wp7S0hFB6-LjrecyXdlyjBwP8pn63rrgHs835Gg5VqpXc68O-tbIJe6ypTU0IJwabDH7ZYo8PfRp_fJUtbX6Ck9rUuGW70jcJoWfVbLKuRlZpRDGcsLP-MtRR9OqiGe_NK2qU1Syhdxd57ITCm0-oj93ioai6oTDAileX-kNmALOZAvOWEh465wkJQAnsh6RlTS5zZ8I79dHUinSnb2yKujwJ88c-8LCSZs5akpTSB0nXG_NqsEHAsITZ-Vtp3jjCeT7i4wpxK9DrtEe15GinuHRSEIIwYVUm2trhR29Zex5rUWm6NjVgkan8GSu2bHUBHAnjxagmtszUcMaF1VocznlK329xBpLJ_GKOi7ZIfS2rEOTBAcTFkE5iTjBoWFnFSdCadA7mdd-nzoSr6P3ARJPnFcqeRoJoTdJAStFY-I5rZXChbsxFgW_Pt7k6-cjDsrFwghyVIbueCJDYwiSvPKutqweI0YWEDJwERb5EDrsWIo53jn_Fp7qdQKFkfjLJuT7WHi2UfASy-BvON5TBgcM_NtSZ6Uy2BoCSV-pnM-agWEMDEhXRpWvpm10JH10h-nCWa98OE0TrAGKaL3Tv549JJ0IsKOxDXVvZChPUB3Pz-6Tucr-RtRVubpXIV_tAYLKWDAf_P__gFQCbv1M66Wlml5AV-kZ0mcgeN2taHwHXRLyBTkKqTUV3PuliVubMNz8JWmFBIxiXPaJfPIgv3btf68T3hYYJOqXVKcLZRiWXTT7q5kb2lhq0N5BIlGOyCz8juITYMYqQOx5SgAHPnxHujti4xhBI8jP4NS8AJh-nduxMwde0mtEYuA86vki0TIkFyFacoDogjjvftvOON2Rqc-_ANT1mJIDYSgyaIMg9DEAd2XzyHAz_1EyjitDV3IjmPwzYc5ZJULFGFR6QBfQs9zO9o6Yyb4BWnSeHFMuD-PMjKbe2-DLnQ6BJMhd_8fQdsTWDF_nx9LUkEGq-3r0Zlx-ABYBbsUxaAW7bNsXD8MuVAX-kL9bzO_qKB0sSRKb6rTCQlxSUPJqszSNSCxDMdHfhPHbVF7_BgAh7c-yJtldYRLmh4f1TS91ZjNulSyBstNMEBwx1q3WClZtsWZE3s2XToHP5kqp66bhV_4IVqh84JRB5RsR7LWfIgaEjwChZ0HK3id5x7ACKScVbe2EzpnQDo_ydi0AzHm1UI6lm8Lg54xhW8NHdQ3RJtzMKiP3b-C6WwKOkFyMOa5hnzZNYR4LLlSgi0c1NFWFiDtv_5QwU8t1puiU6b57lHYRijmkO_v4Q3dOSRludN3xVXJULx_IK9iYs5ADD4udY-ygnG8xykFCrwfXMAZWZlKdGCM5A7QLk095MueKR7NuYhCmMpUg5QJ_q7Xkp5UJnblXhoJkKjAvhoD5tYa-I4J_jiftFtF8cWm3YC_ZZbp9v1Uu-kPWefUYfb_pQY0zHvqGA3FUKKsjUTlBBm9CpsgDYla62aRRHu7XaUzWvhZmkSruOl1k5jxwMLHfODrgwIk5BIVMrrkV5JUk9dlc-GjywwvtBgmn9WEmIsCYIFVAQVyVx3S7DjYa3nyVmlf3-gyMss3biG6u9IrWXz_HipNuvmuuTf1ZOJii88N9_WttoEn9dgSXhkrtmRXz04mUA7U6PaJSP5H68bORyU6RuvQqW9dqQ43vUOO1w6jy1KbMLtkILs9TSdqX4wc_NXLkRwjMiNCj0p14KgvHf2fI7jxpyeYVK96byU5cIjWgMk0usuBvphlgX6Isq-xZ-3WfVcYn7iWUQdDZLaGsdtycB8Nf_CjH5gk1yRmdh13TQYznJjtnQ4sLJAdTt7cbTbqKSUM6pX-ziXJ5w6l5r9B4abgzEaGb6yCPQWgSX_HypUobrJa2fXfjiwLYQs74minFeNWL30XN_T0iL2L6LK8axqbi1-1Ft3mACJjI2czkNrV0lZJhbefgpKlkHvop62CFAu-EyhxIOtfr6nTzypNCIZrg-RVhrcKo8UOwm1Kohq4BGDlGg1bvSo0zbvFQBoWzDb4PBkjR_abGVpDPNBQpkJFcHTJP_-SHeUR7l78yxx5RZCi1RWBhXHbycGusFuvO8MeiGVCJNKJkr82BD2sTn9OVL85Qt6bs8JAfuWD_3z4YQI_4iSESfNepkQDLiDX_1xeDy3pwUMphR0nA1GGWo2VgbVibXI4epKkBC8vuhrxzvHi4cqhc_Yy01e1FYzUJRU51LekVrwqCxc2mUBfKPCRVUUchFtbja9bC0B242lSnIFF36kUf0YcFEc-zSZuUWkAoGT0BSk4LoE6KcDTi-xa-BEOIfAiMjPjdjX2BGc1WMlQQFvdlcAPdy3f3YV789-kNgqUMKCN_ooLI3kig-7TdZ51Fomyx-7oKi1ocxuRqGo8x-1eQlrxbfoB0XkYhja5iLFjgU2NU4ZKxy9YXQnuZ1jfH2zj0WJjAbBu6Rubo0RTJSTCCfdVkSk12CfcY5az6lS_P_nLbJTO8iL1jqiG0Wyl8Au1tcFvrew6Ht2DGNIselt9x7WxZlpfhX7itOm5-8n1ithTkPSHM7dQq4Gj-1fC9nI_xkf_jT4_yuXfNOuNp8iLUoNb3OeWS-CJqbH5WbdJIcPApfzvs_Og81xwENmIQ_oNYQF8Pz3xSYv7cjsDM2wr4QmOlo6oSGF6gkX1WqD3vfaz9Vbtp_rkRn3qrc4JlVwwC_Bjmn2PJEeI19t1DpgF5dvcWMiTq8YI_KpvkFQ1XXpsDYJNBBGkPIDpDTEpGH5rn8k-sALLWrhczujWA2eHG-7T3Qx8oE798sH-6Hdnf7j-PsUj7RQSvX2GLfl-DwYvxes4jiQJFX6LqSyPJsbUD8IFsGnlP2J7UDsNTMEVQV7-LSNO_Jq2bv6F3Lzj--B7Jv6CzhpKB2RP6UiLW3bUVIrAhM1W02G9zLLaD8QZLenloFJ1i5A7jlzNNrToXXwxq-iX6Z4coqX9mkMy2gO8mXsTUBx869PC2K4PHmQoicid7nljJ4h_3ELZgOJ4lzXXhjQSHzTKstjZj533G1v925lDKbO1wlOXBinU3xsvBgSGhQ4BQEzvSFTlu2uoGhHFCxnOjCFAb6DSmC9B8KBJ5cex0NtXdVh3A53aAubZMR4M4MjEqHLMErcVCTZpMjOltf4NunjHWAQ0KCUBYVFS1LVA-_Z2L0Zyz2kswppYeKvfH0YHdlHR-ZfG6OjqhwtEWLW0iPmwWR-zix6-zQ2OkFmus9y5O7MzMPDY69P-aHDzr1lRmS06AUIaHUye6BX-T3EhoQEP_CIHJcxqV_0-4K-n46QLeP_Wi1-KKtfh0EJbGjlGIVmNcdlB6SZsBBASXClvKLrNQew&cid=CAQSTADICaaN0zpli--6C-QcDwhLT00kjFmEr7jnwz945x1dS-3NZ6gtj2x5QnKEYWRZEQ-b3ywGlwq0jK6AyUJ64BISiex-8XO9NKHcBwIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kibrispdr.org%2F&ds=l&xdt=1&iif=1&cor=10713323696432818000&adk=3047537735&idt=135&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:38:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 11EE 11 KB
4 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:38:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11EE 0
0 191ms
84ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh5yKuEIjDkQhLQr5mULyK5NE_KRt_VZi2EV_u_3xuqV1ikWtseJ6q_Woq2haBxwcayKO4b2JVQbfuTcLiNEJdKuH4ZECWDYqa-rgQj5FS6u1CYxRgIAwKylRFbB06CZXpsrJ6IIj3iQaQ1_x_f5lxXhdCdl7hfB7oMqlV-RKCcBPVNEtOsXY3jsI-PUB7mzNNrlmJ6hpw0A0nk4vLpLZpir1nf4bER1reqyPntLohojZkGhto3RooQ4l9CFR1i_BWAeusTJM6gpK1Abrhdgc1FBqwtt3baghvwF8styWstDDPT87zu3KVQwvD8JveZWShO4Z1_VpBbpCe8YTI-s3vRRjvUXm2RScTNYpymE_ScTnWTYmBfy5Dp45XDbTj8ypWU6BXuG_axaH7SR6SX-td3A6IuscKEhlCINzhDGTHHm_1mqie7jwj0JuosS5ODA-P9XPRGqQySGdrMOMGEtDgQaCf1edgkWyOPG6-I_Kuq6RjarlhHBK4Y3068Q4ypwnMXaELZ-cELIxfmI3l2dAcsnrjklwAneC-08AMTcfn8uMbrXs9wuRbM0UIRxCAzBkOsS6bcgm-pok_HCOvQR1fbVBohxo_SFDjlbY7f4lxQ-2jZw_6PoB22ExbxodOje1SN7cRR0ClxzX88AqdMOzTD41Z2NvucG30oOZxhW3jvjC2sypJccw1W6YJxjDD0Y1wwjKzqOQlUxJVYyodbyCZYtuq8unlnZtAv3rQjRnicjMSddSwHiD7TL5dHsG3k63bAQCngN3WUm_vyhHTVPMlB84teHLmHkQd8BdEto5p0X3svB7L8yugCoil3dedEjRR3qJbZL9mBmrjPgDjW4UujOTj-zglx8VSLk37eFpP2d2n6vVHlfPS9AJ74ChyHhTOqpQOJwOocpG8jnxQit4h0NbHINsYEwjhRpwjuMyy5HP4hG7-9jiv22vmY3Bsjgg664fSRg63hpDaUI5XBNcTAhtqvkyhDG1kZY_EczFnUzbJ3DnOYHnaS_PVR3XwSfXA_rBY6fiG2mJAVJnBmsnoXW1Z4E62DHniQB-Gi51mOSkADBwfjWWotyBvEdBfYLSQ9X21KaywbcZ7xuKxF80HFjdon_3zbd-I5Iv1oR3l_uHvX8UOE64HD3fY507lADfbdA3-f0qp6v9Y7CDPSJ7SlddakAtZ_1xWfZsK0YPp3cwUj_9WBR868UO_id_lvwwNQHDJYog6O7gkhWn3egQJrqPPqyCmqAa3SwJbrFtJMu5cGWaCsAmtTs3ti2FmTi1hPFqjM8C6iWn0vURjYMGEq85NvP5zu_fQXlUKxZ6FU-rOc0jc-k7Nkg&sai=AMfl-YRi-YcaPAYDVMljbW789XnOcRV4jdayDum2_xwzfzMyaDHPH2NPV5nxV0IYq3rO_zfX1WeATi8vYgZu8Nyxz1ZmkA6Pgd1aWPfWcEpTHxz_36uDATq7dIE93S5a2NAHZHICypLHkSA98Mlft6LoeLwNru0LAF6iEnpXYKYXplLUAXtJU3Vyw-z42DKco4oX71-5nib9eBYMFDAlQlsJhEFFZvlUwGp-PeTeHhJaL_CyBnm0xhPSRbC18NQFR4bIO1vmHhtXVlE-ERzDfxZTcxfyM-14pedBgqJ0&sig=Cg0ArKJSzD6ZK-hYf-Q-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231004.87294&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 11EE 41 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:39:12 GMT

GET
H2 200 13447569367367790450
s0.2mdn.net/simgad/ Frame 11EE 57 KB
58 KB 157ms
39ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13447569367367790450

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4c809d7eb859e9e63a32e0f240dbae81d391cef874d21e327f073a08e0dcc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:03:07 GMT
x-content-type-options: nosniff
age: 299890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58695
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 11:09:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Oct 2024 22:03:07 GMT

GET
DATA 200
OK truncated
/ Frame 11EE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 595de9aa36eb132b74ca115c08432234e720c368ba88d95ac4eafbdfba470599

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E68D 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 195258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:06:59 GMT
expires: Sat, 05 Oct 2024 03:06:59 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame E68D 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 75D7 0
465 B 287ms
177ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 08 Oct 2023 09:21:17 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 50FF076A:CD60_91EFC182:01BB_6522748D_E253A4:1D8B9

GET
H2 200 / Show response
adv.office-partner.de/ Frame 0E3D 930 B
931 B 180ms
38ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 08 Oct 2023 09:21:17 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 15 Oct 2023 09:21:17 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame D84E 2 KB
2 KB 236ms
103ms Script
text/html 13.43.154.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=74125700035872704444994012471007&nw=1
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.154.56 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-154-56.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ebf379118ac98658f9460b76744135c9385c90c698a0b85443f47bad46ce17c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
last-modified: Sun, 08 Oct 2023 09:21:17 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 08 Oct 2023 09:22:17 GMT

GET
H2

200

activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259 Show response
5994599.fls.doubleclick.net/ Frame C3B1
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259?

391 B
326 B

87ms
85ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259?

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

f538f40a4cb488a6b593ceba49109d4831ab475d5a9796e27fc9b6a5bbe0bce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:17 GMT
expires: Sun, 08 Oct 2023 09:21:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame B23B 7 KB
2 KB 120ms
39ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5f8f219cf0&subid=&uid=0c92dbed0246866a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgxfvjHQiZcnzCM2ix_APvYeniAmm5b2gab2TnKfJD_AuEAEg9s-mkwFglYr8gZQHyAEJqQLOG7AQ3cKxPqgDAcgDmwSqBOsBT9C8x6zMyRMEW-TVZttc1rh4UjDufiwB7AtpexNTqkk4n1bLZcp8PNRyAcLBNiZwx1bPr57tRLyOmwpYrdIJgtThF5IgGMmm0g_bA1PVExr24k6vAS-4btjAm9BcbDmOM_HzlDkz4Icb0ZmnFOrJ5G_zU8S0dlGC1eL285n0nsSGCtxcO3Ts4I4YVwJuH9Njhm6p8Sw3TUoSeNmwBr4mwV5mriBnsREbGLww5et6kViTgMBi3NgGxs_6dgzhdvrDxaJ1gD_pMUFibN-T7qdFV9c7Npbn2gbqZ0lykqTfb0RueWn4dIm2m18a_MAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCP31_PaP5oEDFU3REQgdvcMJkbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIyen99o_mgQMVTdERCB29wwmREAEYASAAEgJuCfD_BwE%26num%3D1%26cid%3DCAQSTADICaaNVPTc1-3OQa00t6Ohj8kNBZ7-J1TmhRvbtTNii5RCLuybBJDoSeFQqvqx_Yw8FLTnMJObFga5Hv6AjD9kub8pfcrLqowydoEYAQ%26sig%3DAOD64_1CzfzHICwlP3uJ__4zOhBEcMWD8g%26client%3Dca-pub-2749054827332983%26dbm_c%3DAKAmf-DocHIJOZhMpPk-OXuHxW5cBHadZzpRsyM9x3VZZVjP090_AjBLsXx0G4uL8icVpP3gLFaIgF_mpN_SAVKbKbPH112YG5cORM_jFF8WzkIguv1Wzgvj51wMbmjF1FPyis_n7wFFFsZ4wFbGEsodBRiCW7_-21VU9sLRddcdxjPbGSV1_Es%26cry%3D1%26dbm_d%3DAKAmf-CVc7pCvir433GQK1wuQ6XMQsCO854L_jgD21GWNgwyLG0h3jcU5l4rF4gr3AwdGCS70IuRR3d15ZKi1qZPNdF2h8C6r1b9yhqd5YqodrJZ_TV5_P0jd7-lT-VozgDtDH0RNDXiLV6I5u31MXe_WYr2K0PjfLGMNWHCTxo_HUIMqfLEstfZlDGzKt7OBo9LhRnvKyKU1TDRSYkax9QsDIBW7ZwNRAgh4LY87OJRnpXhH8j_tjiX4hTIYrQGHhQ2clJrRinkGZaKuuuQXlvPSzClAkEvThLiCQaPukAkuAVP8ufoz1w11R6121R0ZdxE4fAWmnBgyKyyaBK3kEZzIFbvrCyFetFelMAbBVnPVTccbUPaf1IpK7tZtTrSII39FNtgE6W4wdCmFSJEAlVpLP13CaBuE8Tkz63NIM8FPb98cdVIrKn5n8grwEFtVNDJTWSUNFBwyewnhiunVX5hKgyWbRoig2EAQOePbVoY8kWaWd25_4NZnqTYeiQ9QJ9MHTm63T_MkWEk05bItDW1zL7-7Epb3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.kibrispdr.org%2F&ancestorOrigins=https%3A%2F%2Fwww.kibrispdr.org&random=1094958562692&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eecb6f1d472c1008b7a1e5abe84eb6c658c9d430f117e3d7ce841699eff83b10

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2104
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Oct 2023 09:21:17 GMT
Expires: Sun, 08 Oct 2023 10:21:17 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame D84E
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
481 B

192ms
85ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 50FF076A:CDF0_91EFC182:01BB_6522748D_E24E1E:1D8B8
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=74125700035872704444994012471007&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 08 Oct 2023 09:21:17 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D84E 43 B
702 B 240ms
133ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=74125700035872704444994012471007&pv=1

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 09:21:17 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame D84E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c30b985f4309cba1f61f750679c9d0c4f74825dac750adc9ec9bed7bdfb2a256

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 322ms
322ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4418733989599691&correlator=3193516593021001&eid=31078259&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22731072168%3A22540162842%2Ckibrispdr.org.Banner0.1690548972&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x50%7C300x100%7C320x50%7C320x100&fluid=height&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D87b6d85a4eacd8a4%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MaRDHAtnw6EfgiAT0qTquMISU_FLQ&cdm=www.kibrispdr.org&gpic=UID%3D00000c91aea06592%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MbP-scLwoWsxBjr1omOoBkk6-Os2Q&abxe=1&dt=1696756877398&adxs=650&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=kibrispdr.org&loc=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=false&dlt=1696756875564&idt=488&adks=3094767359&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c1fa4872c626be3584b7f7cca74901414ab7d262ebe707e51e9388f1cff2e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11082
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11EE 0
0 77ms
76ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvh5yKuEIjDkQhLQr5mULyK5NE_KRt_VZi2EV_u_3xuqV1ikWtseJ6q_Woq2haBxwcayKO4b2JVQbfuTcLiNEJdKuH4ZECWDYqa-rgQj5FS6u1CYxRgIAwKylRFbB06CZXpsrJ6IIj3iQaQ1_x_f5lxXhdCdl7hfB7oMqlV-RKCcBPVNEtOsXY3jsI-PUB7mzNNrlmJ6hpw0A0nk4vLpLZpir1nf4bER1reqyPntLohojZkGhto3RooQ4l9CFR1i_BWAeusTJM6gpK1Abrhdgc1FBqwtt3baghvwF8styWstDDPT87zu3KVQwvD8JveZWShO4Z1_VpBbpCe8YTI-s3vRRjvUXm2RScTNYpymE_ScTnWTYmBfy5Dp45XDbTj8ypWU6BXuG_axaH7SR6SX-td3A6IuscKEhlCINzhDGTHHm_1mqie7jwj0JuosS5ODA-P9XPRGqQySGdrMOMGEtDgQaCf1edgkWyOPG6-I_Kuq6RjarlhHBK4Y3068Q4ypwnMXaELZ-cELIxfmI3l2dAcsnrjklwAneC-08AMTcfn8uMbrXs9wuRbM0UIRxCAzBkOsS6bcgm-pok_HCOvQR1fbVBohxo_SFDjlbY7f4lxQ-2jZw_6PoB22ExbxodOje1SN7cRR0ClxzX88AqdMOzTD41Z2NvucG30oOZxhW3jvjC2sypJccw1W6YJxjDD0Y1wwjKzqOQlUxJVYyodbyCZYtuq8unlnZtAv3rQjRnicjMSddSwHiD7TL5dHsG3k63bAQCngN3WUm_vyhHTVPMlB84teHLmHkQd8BdEto5p0X3svB7L8yugCoil3dedEjRR3qJbZL9mBmrjPgDjW4UujOTj-zglx8VSLk37eFpP2d2n6vVHlfPS9AJ74ChyHhTOqpQOJwOocpG8jnxQit4h0NbHINsYEwjhRpwjuMyy5HP4hG7-9jiv22vmY3Bsjgg664fSRg63hpDaUI5XBNcTAhtqvkyhDG1kZY_EczFnUzbJ3DnOYHnaS_PVR3XwSfXA_rBY6fiG2mJAVJnBmsnoXW1Z4E62DHniQB-Gi51mOSkADBwfjWWotyBvEdBfYLSQ9X21KaywbcZ7xuKxF80HFjdon_3zbd-I5Iv1oR3l_uHvX8UOE64HD3fY507lADfbdA3-f0qp6v9Y7CDPSJ7SlddakAtZ_1xWfZsK0YPp3cwUj_9WBR868UO_id_lvwwNQHDJYog6O7gkhWn3egQJrqPPqyCmqAa3SwJbrFtJMu5cGWaCsAmtTs3ti2FmTi1hPFqjM8C6iWn0vURjYMGEq85NvP5zu_fQXlUKxZ6FU-rOc0jc-k7Nkg&sai=AMfl-YRi-YcaPAYDVMljbW789XnOcRV4jdayDum2_xwzfzMyaDHPH2NPV5nxV0IYq3rO_zfX1WeATi8vYgZu8Nyxz1ZmkA6Pgd1aWPfWcEpTHxz_36uDATq7dIE93S5a2NAHZHICypLHkSA98Mlft6LoeLwNru0LAF6iEnpXYKYXplLUAXtJU3Vyw-z42DKco4oX71-5nib9eBYMFDAlQlsJhEFFZvlUwGp-PeTeHhJaL_CyBnm0xhPSRbC18NQFR4bIO1vmHhtXVlE-ERzDfxZTcxfyM-14pedBgqJ0&sig=Cg0ArKJSzD6ZK-hYf-Q-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&vt=11&dtpt=263&dett=2&cstd=0&cisv=r20231004.87294&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 328 B
173 B 305ms
304ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4418733989599691&correlator=3193516593021001&eid=31078259&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=22731072168%3A22540162842%2CGAM-DSK-kibrispdr.org-Direct-US-INT&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D87b6d85a4eacd8a4%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MaRDHAtnw6EfgiAT0qTquMISU_FLQ&cdm=www.kibrispdr.org&gpic=UID%3D00000c91aea06592%3AT%3D1696756876%3ART%3D1696756876%3AS%3DALNI_MbP-scLwoWsxBjr1omOoBkk6-Os2Q&abxe=1&dt=1696756877415&adxs=950&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=kibrispdr.org&loc=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&vis=1&psz=1600x-1&msz=0x-1&fws=516&ohw=1600&ga_vid=1247403905.1696756876&ga_sid=1696756876&ga_hid=2071074017&ga_fc=false&dlt=1696756875564&idt=488&adks=2993851612&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f21fcdac2b6fd941173904fc102e17b105a56f0096ada7b422b9820b60f5e96a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2V48S6S7WL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9601536-26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62025cd20d07e646835583bf7d67e788291474fa56df1ab278b5b72d7b1a4501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86977
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 09:21:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9601536-26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 07:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5495
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 08 Oct 2023 09:49:42 GMT

GET
H3

200

main.js Show response
www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 2AB5
Redirect Chain

https://www.kibrispdr.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

45ms
44ms

Script
application/javascript

2606:4700:3033::6815:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Server

2606:4700:3033::6815:2108 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ac66474054515afa9e87231bd6840224714d6a558395f033bf3c0dfc1bb2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5y5hOHAVDwDpriVfrCyFqCt1s5l9rQrSgv7y8AyrT0uZXhiDaN%2FBfs3MphmRAj0uTSBX%2B9u3hu6S5SprHTdQ3v%2FClAIp2IgpkcKO9DuxR%2F5Zr66w9fJI7dxxi0VDy6mWMdWTkRpqVlWSuN4T8nKTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 812d50147b3118d6-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 08 Oct 2023 09:21:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FmFow2ZqVISdR5VUBujAS1wBT0Z7kesBKLdzCtCZj00C1017obpGpH%2Bp22L6C3UrNRHUykEEMGxj1WnN4S4aihXyJ4k9KkD9u6Qhdj%2BjIP%2FIGOppCUOgl%2FrAkNmgIXigCb7jCQEYPgSGt%2F6HarcDA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 812d50141ab518d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame B23B 5 KB
778 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 08:01:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 09:21:17 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B23B 17 KB
17 KB 117ms
40ms Image
image/png 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4e432570993865b4626637a8abdcc837222b4b188314d16697d371789a1feb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 09:21:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B23B 16 KB
16 KB 121ms
40ms Image
image/png 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 28274d4c0671543fff87c00d9aaf3db59622df2040c6df3aa78645a70020a05c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 09:21:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16514
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B23B 11 KB
11 KB 120ms
40ms Image
image/png 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7bace6853c23124b4c288081d333cc52c46b2612febe0e49be1c0545a8a2baa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 09:21:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10942
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0E3D 174 KB
63 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a826a1576b10ba2b8eb50d99f39c453c0f47703cb95c31ce1fdd13d732db26b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64036
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Oct 2023 09:21:17 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 132ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2V48S6S7WL&gtm=45je3a40&_p=2071074017&_gaz=1&cid=1247403905.1696756876&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696756877&sct=1&seg=0&dl=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&dt=Detail%20Linux%20Ubuntu%20Wallpaper%20Koleksi%20Nomer%2011&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V48S6S7WL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 153ms
55ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2V48S6S7WL&cid=1247403905.1696756876&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V48S6S7WL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 151ms
64ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2V48S6S7WL&cid=1247403905.1696756876&gtm=45je3a40&aip=1&z=622311186

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E68D 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnTfEjXQiZcapA6ut9u8P3IqYiAcAAAAAOAHgBAI&bg=!i4iliMfNAAYMG8UMLBs7ADQBe5WfOCVhzNgJS1OVkgl0IDgKg2ObHf6rpXZXgHzmuTUDVGkgPRyUq--BtjG5XGo81oSoAgAAANBSAAAABmgBB5kDGLtMLRCdseHPTA-gQaahNjyjsiJP_F8ivnT1U-FoVT-MpiJRs_nmNi85iEctw9Yg49MQ8rZ-lAaKv1SVf3C1aN2vVw6Q8Co7VqdnT21cvuRWibnEUBp6lhGpJvTgYjo_vdaJdc2cMhNUPYZncWFslhima_yeev75QNVVFSLvXOsM-CSLtQmUBHSj8quIXj9zI3rjjD7wT0nIh25JGMuqzlm0BTMie8hn4pzkm2YW1q-5YtffLXn3w_vsQ0yYmdUVjwH37-lT5vBvV3-iIphleuv8T3ZZhLhWbX36PQIOXr2AkhNxeEVCtFmZNjo0i_hnocQXNnYkrlFKqlpD81atZIVQ3jeZTljn1WDAuHJkpCptxaysND2uxKBuCQCK4iSqj46s_YhK-FVR5owRThYX7O0zBY1HXLHhCLIvpKlPfL8SA5Fn9T3Fk-cYCn1gwcCII8K63cLI8SKnHBN0QIBpQ--oz648opqJQ63vaagnCPZcdJDHWJlCfjHRRSiBNvyO7zDe1mY_xxVW5CxHOBndzwCix0kfqudXuO_j79Ej5L7gvnofwSUcXE_ONEpYQmXStOvdU6I4K9zXW7ZwKZP6Nq-tsk_61WgTiVoizsq3Bj37o4Cb9YQcyqc9ULk3W-u3yPARnYvGOrEzQN200IEO2kBmzhDawZUQPjVyBJteqvpsCTWmPHAeIuYoYaVIyALMrY0l3uVQ_q3DlLQZiSwghHqHP8ReSh1gzYUfmDNbQmQMDh25-sOcwckak5gyhxNXV2HT7DKuGAX30RLi_7B1m1ejxmPR-C_eTMH9nxukPo7X5sDWWd03Phi69x-dp5mrT2Gu4WBDSiqcCwqZojJGM8AUlKq-bxHpIiP8lFTbU_wTHtt_2P-RuDPrLw6Z8Gq2Eo5S1TFegbh5eXn8_2dQdgH1ah6prjPJ6JvW8FYK4rK1cOUkRAxr-4irMfkTa-eR0Syv8YsVxSHpkTVvPC2QKqNiSFoKuS91hDGgdKfBXlyR3G3dA6u7zE5GknHpSO1CleuHyqBCLkmgHR_OhIdZQb4NgZ60-jCZ-g

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame B23B 0
150 B 122ms
40ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=74125700035872704444994012471007&a=0d1de42b&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=74125700035872704444994012471007&a=ec7729bc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 09:21:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 200 812d50062a181cab Show response
www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2AB5 0
560 B 66ms
63ms XHR
text/plain 2606:4700:3033::6815:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kibrispdr.org/cdn-cgi/challenge-platform/h/g/jsd/r/812d50062a181cab
Requested by: Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBT9VAgRqrYrV9Z56jZ2pa1xopzilT2il4tmrcGPQIN7KtTGgHP3Hb20AWWS75intOjBzecbvSGF%2BWdgKbfzZvpilBEqjqAmPmKZJElNfSQwXGS3d8PwWQo5ADqCr8ervOEGbqW3DPmc%2BTaXXn2jWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 812d50158cc918d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D84E 52 KB
18 KB 155ms
45ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=74125700035872704444994012471007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 01:18:34 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28964
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: WMzIz5Mkp17MdBKxU4oX_9C6_dlonMO6Pli3-DlDyyNf5p0CQlNE9w==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame D84E 3 KB
3 KB 152ms
48ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1696757177&Signature=XIVVd2CeFeGv4yoC-CBEkhQCnuhSyBpUDPHWKOvcbMhTNuVuOCIiKrXXJYtB3B7~sOQ7lcXc56G2yjcVg0bkihQ5HYdnS83jTUsS2zBQGXToDUIY1YTWLETsaPQ~BPh06rjZxA1HDN~DWLB4a6RvOlRKWxwF0IgL~WfGRMvquQhrs9Jl0R5Bolwy9RzsMGitjroBnM58CJbdnx6V7qK745fxL29QkEsxrszsJ3Wet1m0vxARqjPIYYvzsJ3j2EhbUl~QOFTBDZ6BwnLNwFCL19NfXrxk9uzVfCLz0CeELW3AjhVMwxpCwHRRzAddsN6wLwxFLwNU7oVCNBb~xHxxkg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 08 Oct 2023 04:33:00 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17298
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: W-AZ-Gokr20S7ZvEJF594xIhF1tkLhCFYvg5xSSj_gHmZlEeGSt_0w==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B23B 14 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 233852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B23B 15 KB
15 KB 50ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 173900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 09:02:57 GMT

GET
H2 200 dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259
adservice.google.com/ddm/fls/z/ Frame C3B1 42 B
401 B 201ms
77ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKb-0PeP5oEDFecFogMdGWgJng;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4656159335964.259?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2071074017&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&ul=en-us&de=UTF-8&dt=Detail%20Linux%20Ubuntu%20Wallpaper%20Koleksi%20Nomer%2011&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=291695366&gjid=571988488&cid=1247403905.1696756876&tid=UA-9601536-26&_gid=870514011.1696756878&_r=1&gtm=457e3a40&jsscut=1&z=1140404855

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kibrispdr.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0E3D 272 KB
91 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f16e1b9e3ca61b977c00e7773bace4ce91b69a33f2e186f9993d9850fc12b019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 09:21:17 GMT

GET
H3 200 container.html Show response
7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C8A 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:16 GMT
expires: Mon, 07 Oct 2024 09:21:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 50ms
49ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9601536-26&cid=1247403905.1696756876&jid=291695366&gjid=571988488&_gid=870514011.1696756878&_u=YADAAUAAAAAAACAAI~&z=1528310736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kibrispdr.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1191 624 B
242 B 83ms
81ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjCvJ_sATAB&v=APEucNVmCFo-r2dkEj_ABmgEkmUu5OCCZIBGL8avU2M46QP4hb6kpfwmJabxLrwj_Ju-aLabOR7poNlMlQgCkRkx65PHXvakEDxvsXTUmU3GpK66Ply_Wtj50NhWqjx0BFJMQP8BYqotuF1QHwu7umIpJo6vAyUs9TDiXEseX0DPFaLZtLqTWCg

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1C8A 89 KB
31 KB 109ms
107ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8A 42 B
63 B 75ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhoiR1dq7y3ksVY_aG8buc1RYN5wFwuSJkjfE3pUTBaSCn4JwxaY03EE9VGcM2xl34lQ04VGLRVAOrhZabbMJkYYrEsYxCE9DN3IF8LMWfoY-S2Nw

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8A 0
20 B 111ms
109ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6621961274899678588&x=1&ct=76

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1C8A 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 08:33:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1C8A 20 KB
8 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:36:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C8A 0
0 142ms
48ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_sQBUFz4UIV02bu0LblcAQewFLDTtix9SoBgdmd5nA8ItAnjRoZNXPfjHocnSJO5r-OkrO6W01UfQqzbko4-rSZyRgw
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C8A 187 KB
59 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 09:21:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 151ms
66ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9601536-26&cid=1247403905.1696756876&jid=291695366&_u=YADAAUAAAAAAACAAI~&z=280992723

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
64ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9601536-26&cid=1247403905.1696756876&jid=291695366&_u=YADAAUAAAAAAACAAI~&z=280992723

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1191
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1

43 B
735 B

53ms
53ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjCvJ_sATAB&v=APEucNVmCFo-r2dkEj_ABmgEkmUu5OCCZIBGL8avU2M46QP4hb6kpfwmJabxLrwj_Ju-aLabOR7poNlMlQgCkRkx65PHXvakEDxvsXTUmU3GpK66Ply_Wtj50NhWqjx0BFJMQP8BYqotuF1QHwu7umIpJo6vAyUs9TDiXEseX0DPFaLZtLqTWCg
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRdqmqoTXBkgjThds7fTYg5jOiBb5ZhOE5aFAuDBT%2BQM4HntYMMFsS8niCkSSksm%2FYMAWl9HAQ61BlK%2F8LJJtawjmIl8KuKm0dF5uueuB%2BCKOfL1oJlwscVwTnD8lLCnfAObbvk%2BB5ZmYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812d50174a20926e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1191
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSJ0jNAYbgu95Ly5eB5kbQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1

43 B
734 B

56ms
56ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjCvJ_sATAB&v=APEucNVmCFo-r2dkEj_ABmgEkmUu5OCCZIBGL8avU2M46QP4hb6kpfwmJabxLrwj_Ju-aLabOR7poNlMlQgCkRkx65PHXvakEDxvsXTUmU3GpK66Ply_Wtj50NhWqjx0BFJMQP8BYqotuF1QHwu7umIpJo6vAyUs9TDiXEseX0DPFaLZtLqTWCg
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nptRHy9PFnfGinH2FqH4PtM9sTolgeBHV8DKMUPut56vya6%2FsV%2B2LpEuDVKZYgBmkI6ky8%2BOsCgbE5Q30mT0DABNflNnguRZBQW4Mp%2BbY1IRc1NuQuvpwt2CDS8nFBGNK5vR61kVdx2%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812d50179a61926e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXm4g5bs92Iy1f9008NTuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1191
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECbyPApCbhXKvgVS1kKO1eg&google_cver=1

43 B
840 B

39ms
38ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECbyPApCbhXKvgVS1kKO1eg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjCvJ_sATAB&v=APEucNVmCFo-r2dkEj_ABmgEkmUu5OCCZIBGL8avU2M46QP4hb6kpfwmJabxLrwj_Ju-aLabOR7poNlMlQgCkRkx65PHXvakEDxvsXTUmU3GpK66Ply_Wtj50NhWqjx0BFJMQP8BYqotuF1QHwu7umIpJo6vAyUs9TDiXEseX0DPFaLZtLqTWCg

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
an-x-request-uuid: 771669b6-49d0-4134-a936-6e2db5cd0608
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECbyPApCbhXKvgVS1kKO1eg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1191
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
an-x-request-uuid: dbf935c0-9b60-4b33-985e-068c09165bf6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8A 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=498053404859&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8A 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=498053404859&version=m202309260101&ct=76&x=1&cor=6621961274899678000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C8A 98 KB
38 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq-Pr0Jl2fKM3OLiyHm196zQUub8YQyDhYEYjYOSs8Han4Byuynh8LgOEMQ-63Ik2J5dgdEofSSNdlGxVhs0BqcJAMReOITPLkMowYIXgg9JXNps8&cry=1&dbm_d=AKAmf-CDAjwKWQ_Sh2xAObkXZ_4k-USgfwyhfP7OxqgRXTyTkGRnKjFaxZyNhahwjGfC5Uu2mrdFpNbHS9RB-SVJ22sTCNfkOz5aqAvcGqK9N5ENCk44hCYVE8AXd01USUFlj4eokK1mWutfzEoGi6xF2dw3kxldjSwy3FouvUsb8u4-VuoRYxnqfz2c5RolIXkC6TvALBwtTpvtpskb9CKZEt4y4AIbHQHE6-VeTKYkTUzyaYuosLR57nsNtt1zmPvfkRfrlA0ptOLF3TUtl-s6VDc9CWTH2q1HGFSFRItMvQYmvAx7SoS6QvqucRURBjlOvBl1aGjJ-SuRhRLz5bH4Ppzxzn4qXL_-5EZWw19NtBfM9ikyCs6ADzxEFJ8H0cwMg4g3GBu2FoqArmNbW5h_uDuyAwfegRmiRxyBf9SkNewNpgDO8DZv9ajDYYDTU2qTT5IYzUzJWFx9GIuwVl0QcEfQna_OKvZB2pVprK7QBS_dHfvwrw8LzO0cpjXy0ZPZL0n3Hwwxp0WYOZznp8-gQVZmY3OKdyVZAdnL1oahBbKR3_LfZvQTvyAXklqSaUXhr7N8UbL13noLKe2ZATLm0njcSi1FBdnHRlB_pInGoFVeQQwIjgkqgWFaA6FlFlP20XO6kcipS2Ofxo9z53eK2mVhnb1r3tU6MoIkvc9_gdXPtrOdxP4KKfiTghz1YyZGf9oY5njqidmP2Vv-ciLrcuMOfXQa7JAuQ85iHiKjU3i09ZRTx_blxpGUksLJQCwK6ht8mLZZH3Q-a6D-fTnx0o_gbpgK7MY3tQWoNF67jnR8AkqCArvi7De_bmg2QsZj2y4qsMc5Wlthg5OoJnMdFjnhYWtxD2it6f5XkjQLxOjUu1_cOqbJalFtu7G2LhCUW2yfeUF6GOguGIqkn5kqIRND0aUVbNBr1ESGyS9cGP50tu9vsrErbr_eRQj-pqb8AJRUcm3S6WgNhpOkkBgh0vWfuazySXH_ksqMtnnuecnkBZhni-vJTh_zgRqf752TlhloSpm_GupthlS9PHATbTpLHfC6e_CrDnWN97wjsP_Uncqy479fvMVD0s7FxmrPK8g5tiqwbp-uOAxhldKe7pRvBdQ677VT1vUo_z2L69OvMTTyvA2UvUy9O7TO4W-ZGQvkEcvy3-0LrApED6m9_0zeOdP7DsUiaGJC7F3TdKfpZja9G-QjjyYCOp4WeJg3svwnv6PQPzNmcmF1bbmh-7WseI_LvEVSCmWBP4qALW9Lh4UcLo9O5QeKtzv_WZA-EJ2_ESzaftlZN40t4qa5f4Cz70-JbF8ifXhIWPDIJfdx8KrvvNKLp6wYVqZ3yEKwqyce27WgZeOv97A6XVXLlCWWwg-HXFDloJsIXKXonbfGzHwYUnSnz5bwSdym6zl1X6eQcCqV09ESUAo3dN7ld6F4JPxSn2ixIhK0u0qOCmYaDOmUj7yQzSMpSmddCIVNLJLcJLecJrjUWt2OnLQxt56yoCk2vwkWiGvPrhdsyUryXeKp3c6h0WetDz0aKSU2PZ1XERy4u18qSUux-j55akxykv20w0XbeHavOtEjeUTFABTOYtoqOiaWgZiOXEkagKOy30L4qGLWLwPUC9GCCCHZpA3_sOLg_xoP8TBNnp7HWUubCrfk7Tii5Rx1zGEeGLwdmlGnZ5URFqjeT6MECrIkNMuPNVWX1Tqbx9IvBjn-Ain9mTmkF7RxZRA0vm8B-xEDj3mHtMRhlB-4JAA3mhPTkAXOtsla9S1oyFnlq08e8iKKFL17Qe87G2-GtvysUJrol3H6p7UMhZCjCXjAVKyKnqHk5UCgplCRw2p9r-5BO-RbnxU-v1NUJgwKUthUdIxFnvVqfbU1fRqS55M3qxT3KsTUVqersxJYPWpLa-mdLNkWd6OwZfkMEzXyLr87O8islWcVLditSmfouOEt6ParBueREBzop-fz--UiWALvY60NNdXrjuEKJ471b9Ny-Se9NKGMCDfNqYb3Ud9JNekF0fGvOYp_d9SZ5RMOidQbVJtjTWwpsVyGMPBvvjcSgLwQk-0xf1E1HU533x4Jgm0BgzvrjjRE8LlQgRk3S2V8zYvZO5P29xnCB1-RulMiV_2lh6aTCZZmdnY6OKa85qPfV7a5wPXN8aMC7e0cwUahveDEmg3IvTfizRihp176n67BJdNHnjme5v9UqqjJf5UKky_O3LkLMaSEml4BpL1FZZahYLJfw2mx5T48szmKceXJ96vVNWbyJd4uxZrciFn88mCmJikydi-sS5ErkSCtaI99hNa2W6aHBtF9qBttjfyBFrbYaa947yyUjvSlR5EM6fBnAtNojfNoW5v2hIJEtFx0UrcCxEvOf7WE_MonCcQSktIFCpBUaRFnWtAE6fOcRR36NQYIaG4O9pjVE5gPMUa5qyX-Q7JrN0pPQd6LRx_E1jccx9gej_aPHQXw4job9Kkf-09gqkF3toUDkwa6MiG75G2CDy4XZOAtgOj75laQ1SiNz47jniw9O7j53GjSnaFerRMvcLiJXyOnZaUiwZvLnsOKCZSn9_Bt4yxzHM4_0rkdMiXfepWVe9Ewqc311enI3l8Y6r6hQlNohFwbG3hPHvc-lO08w0yOYxmqguFabEJLvVzEr8xpqRQnEUkmge1wmGEuOXpZji_U9ObqnUC4rng6SeTWwOpRAJk3iyeX7AIkd_W1v6B0JESvbEIJMvRd_n7cKduyeCgMMYTbHXv9zfHF5fClhT1QXeys5lLe6KXDuxXG4nf-I_NZ0VIugEcpnJYJ3arKZEtcGRyyE4qCT7E00WSPsZpmaFCPOiwMkX8YFq3uIaZJ6Zv-O0By5DDnGkPbGnoHwgXnp28p40hwG66E8JS3iXkDsUvzt1lOA4Qi_2K0V7K_QLIB8jczhmSVGMTGN4Cx5vGPtG8TKqZrixohmn5Dp6vCxuvmGQHOYoXo1Dv_REdlGP8gMu89ghjWH_bZuLxln6cjZR59zK7nOzGUJj3vmevM1xb22g0vlqaMYRljPcmrRd47El2d2HO2fAIaImZQiVeKNkaYPru3fuzm3UKWWqChGsyuNBAINAeXMELuM3v5a4XPT_xvdPepmoMkPaobpnjZ8y8qeZMPOD-2ULrbMbbOqlHYYwbJ07dIn8oTPBUUIJVtMAs-rINIUh1l-EV6P8zcJXPfiM0ZP6UF07iw4JSf9_A-onhE1TPtsVO4-t_eXwAesSQWv6cxg-4_VOAJb9ADwCw37sSuWF9hu3UyFR7JtrpxCkmgtqpm3JPOw9r0OLalbwJBi7JfTRWH_ZYikXGG_VjEKdJgLc84jFljr8yfknCNUqGxtLmZ_miQ49zyALaXYHwFvlbplhwXsBvul2WfUKa3fgOh7zivDH2MV-Q3QScoiw7m1hlpM8Pz388vcXQmtk6C61lT5blvB_juHpYRUDfmMqMhg1Y_sIHUhDBYY6COasxQDLp-f9IHizz1yAEkGdX__jJL-TXL9yFgFq_UJV5E-CIaO94dwVlaAX6u3-Xe9bH0XDjFH4Mk0nv9XKZOq77MnjwOK2JirZ7EaeJa_rvXyct1w_bPg_cbY49r0HdtnQ3DL-SmC60Gcr5sdmNwXfrhsqZl5BhhIeVv_yj34DfHrMGv0C9RA5uMSq3LiYIpfdQU8Hpz&cid=CAQSPADICaaN8ZEG_xmYBDTeFc6dB4PIyjFpz_0DeTBSJHjJ40bpYnaGVKWwsAGX-RpOd15FR0FsYPU3NMXV3RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kibrispdr.org%2F&ds=l&xdt=1&iif=1&cor=6621961274899678000&adk=2086295851&idt=121&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

271f05c07d6e9905ff7c8983df110d11d5bd9d985b77a828384a325a01842a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1C8A 172 KB
60 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Origin: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Oct 2023 12:29:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 1C8A 11 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq-Pr0Jl2fKM3OLiyHm196zQUub8YQyDhYEYjYOSs8Han4Byuynh8LgOEMQ-63Ik2J5dgdEofSSNdlGxVhs0BqcJAMReOITPLkMowYIXgg9JXNps8&cry=1&dbm_d=AKAmf-CDAjwKWQ_Sh2xAObkXZ_4k-USgfwyhfP7OxqgRXTyTkGRnKjFaxZyNhahwjGfC5Uu2mrdFpNbHS9RB-SVJ22sTCNfkOz5aqAvcGqK9N5ENCk44hCYVE8AXd01USUFlj4eokK1mWutfzEoGi6xF2dw3kxldjSwy3FouvUsb8u4-VuoRYxnqfz2c5RolIXkC6TvALBwtTpvtpskb9CKZEt4y4AIbHQHE6-VeTKYkTUzyaYuosLR57nsNtt1zmPvfkRfrlA0ptOLF3TUtl-s6VDc9CWTH2q1HGFSFRItMvQYmvAx7SoS6QvqucRURBjlOvBl1aGjJ-SuRhRLz5bH4Ppzxzn4qXL_-5EZWw19NtBfM9ikyCs6ADzxEFJ8H0cwMg4g3GBu2FoqArmNbW5h_uDuyAwfegRmiRxyBf9SkNewNpgDO8DZv9ajDYYDTU2qTT5IYzUzJWFx9GIuwVl0QcEfQna_OKvZB2pVprK7QBS_dHfvwrw8LzO0cpjXy0ZPZL0n3Hwwxp0WYOZznp8-gQVZmY3OKdyVZAdnL1oahBbKR3_LfZvQTvyAXklqSaUXhr7N8UbL13noLKe2ZATLm0njcSi1FBdnHRlB_pInGoFVeQQwIjgkqgWFaA6FlFlP20XO6kcipS2Ofxo9z53eK2mVhnb1r3tU6MoIkvc9_gdXPtrOdxP4KKfiTghz1YyZGf9oY5njqidmP2Vv-ciLrcuMOfXQa7JAuQ85iHiKjU3i09ZRTx_blxpGUksLJQCwK6ht8mLZZH3Q-a6D-fTnx0o_gbpgK7MY3tQWoNF67jnR8AkqCArvi7De_bmg2QsZj2y4qsMc5Wlthg5OoJnMdFjnhYWtxD2it6f5XkjQLxOjUu1_cOqbJalFtu7G2LhCUW2yfeUF6GOguGIqkn5kqIRND0aUVbNBr1ESGyS9cGP50tu9vsrErbr_eRQj-pqb8AJRUcm3S6WgNhpOkkBgh0vWfuazySXH_ksqMtnnuecnkBZhni-vJTh_zgRqf752TlhloSpm_GupthlS9PHATbTpLHfC6e_CrDnWN97wjsP_Uncqy479fvMVD0s7FxmrPK8g5tiqwbp-uOAxhldKe7pRvBdQ677VT1vUo_z2L69OvMTTyvA2UvUy9O7TO4W-ZGQvkEcvy3-0LrApED6m9_0zeOdP7DsUiaGJC7F3TdKfpZja9G-QjjyYCOp4WeJg3svwnv6PQPzNmcmF1bbmh-7WseI_LvEVSCmWBP4qALW9Lh4UcLo9O5QeKtzv_WZA-EJ2_ESzaftlZN40t4qa5f4Cz70-JbF8ifXhIWPDIJfdx8KrvvNKLp6wYVqZ3yEKwqyce27WgZeOv97A6XVXLlCWWwg-HXFDloJsIXKXonbfGzHwYUnSnz5bwSdym6zl1X6eQcCqV09ESUAo3dN7ld6F4JPxSn2ixIhK0u0qOCmYaDOmUj7yQzSMpSmddCIVNLJLcJLecJrjUWt2OnLQxt56yoCk2vwkWiGvPrhdsyUryXeKp3c6h0WetDz0aKSU2PZ1XERy4u18qSUux-j55akxykv20w0XbeHavOtEjeUTFABTOYtoqOiaWgZiOXEkagKOy30L4qGLWLwPUC9GCCCHZpA3_sOLg_xoP8TBNnp7HWUubCrfk7Tii5Rx1zGEeGLwdmlGnZ5URFqjeT6MECrIkNMuPNVWX1Tqbx9IvBjn-Ain9mTmkF7RxZRA0vm8B-xEDj3mHtMRhlB-4JAA3mhPTkAXOtsla9S1oyFnlq08e8iKKFL17Qe87G2-GtvysUJrol3H6p7UMhZCjCXjAVKyKnqHk5UCgplCRw2p9r-5BO-RbnxU-v1NUJgwKUthUdIxFnvVqfbU1fRqS55M3qxT3KsTUVqersxJYPWpLa-mdLNkWd6OwZfkMEzXyLr87O8islWcVLditSmfouOEt6ParBueREBzop-fz--UiWALvY60NNdXrjuEKJ471b9Ny-Se9NKGMCDfNqYb3Ud9JNekF0fGvOYp_d9SZ5RMOidQbVJtjTWwpsVyGMPBvvjcSgLwQk-0xf1E1HU533x4Jgm0BgzvrjjRE8LlQgRk3S2V8zYvZO5P29xnCB1-RulMiV_2lh6aTCZZmdnY6OKa85qPfV7a5wPXN8aMC7e0cwUahveDEmg3IvTfizRihp176n67BJdNHnjme5v9UqqjJf5UKky_O3LkLMaSEml4BpL1FZZahYLJfw2mx5T48szmKceXJ96vVNWbyJd4uxZrciFn88mCmJikydi-sS5ErkSCtaI99hNa2W6aHBtF9qBttjfyBFrbYaa947yyUjvSlR5EM6fBnAtNojfNoW5v2hIJEtFx0UrcCxEvOf7WE_MonCcQSktIFCpBUaRFnWtAE6fOcRR36NQYIaG4O9pjVE5gPMUa5qyX-Q7JrN0pPQd6LRx_E1jccx9gej_aPHQXw4job9Kkf-09gqkF3toUDkwa6MiG75G2CDy4XZOAtgOj75laQ1SiNz47jniw9O7j53GjSnaFerRMvcLiJXyOnZaUiwZvLnsOKCZSn9_Bt4yxzHM4_0rkdMiXfepWVe9Ewqc311enI3l8Y6r6hQlNohFwbG3hPHvc-lO08w0yOYxmqguFabEJLvVzEr8xpqRQnEUkmge1wmGEuOXpZji_U9ObqnUC4rng6SeTWwOpRAJk3iyeX7AIkd_W1v6B0JESvbEIJMvRd_n7cKduyeCgMMYTbHXv9zfHF5fClhT1QXeys5lLe6KXDuxXG4nf-I_NZ0VIugEcpnJYJ3arKZEtcGRyyE4qCT7E00WSPsZpmaFCPOiwMkX8YFq3uIaZJ6Zv-O0By5DDnGkPbGnoHwgXnp28p40hwG66E8JS3iXkDsUvzt1lOA4Qi_2K0V7K_QLIB8jczhmSVGMTGN4Cx5vGPtG8TKqZrixohmn5Dp6vCxuvmGQHOYoXo1Dv_REdlGP8gMu89ghjWH_bZuLxln6cjZR59zK7nOzGUJj3vmevM1xb22g0vlqaMYRljPcmrRd47El2d2HO2fAIaImZQiVeKNkaYPru3fuzm3UKWWqChGsyuNBAINAeXMELuM3v5a4XPT_xvdPepmoMkPaobpnjZ8y8qeZMPOD-2ULrbMbbOqlHYYwbJ07dIn8oTPBUUIJVtMAs-rINIUh1l-EV6P8zcJXPfiM0ZP6UF07iw4JSf9_A-onhE1TPtsVO4-t_eXwAesSQWv6cxg-4_VOAJb9ADwCw37sSuWF9hu3UyFR7JtrpxCkmgtqpm3JPOw9r0OLalbwJBi7JfTRWH_ZYikXGG_VjEKdJgLc84jFljr8yfknCNUqGxtLmZ_miQ49zyALaXYHwFvlbplhwXsBvul2WfUKa3fgOh7zivDH2MV-Q3QScoiw7m1hlpM8Pz388vcXQmtk6C61lT5blvB_juHpYRUDfmMqMhg1Y_sIHUhDBYY6COasxQDLp-f9IHizz1yAEkGdX__jJL-TXL9yFgFq_UJV5E-CIaO94dwVlaAX6u3-Xe9bH0XDjFH4Mk0nv9XKZOq77MnjwOK2JirZ7EaeJa_rvXyct1w_bPg_cbY49r0HdtnQ3DL-SmC60Gcr5sdmNwXfrhsqZl5BhhIeVv_yj34DfHrMGv0C9RA5uMSq3LiYIpfdQU8Hpz&cid=CAQSPADICaaN8ZEG_xmYBDTeFc6dB4PIyjFpz_0DeTBSJHjJ40bpYnaGVKWwsAGX-RpOd15FR0FsYPU3NMXV3RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kibrispdr.org%2F&ds=l&xdt=1&iif=1&cor=6621961274899678000&adk=2086295851&idt=121&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:38:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 1C8A 30 KB
11 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:38:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C8A 41 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 12:26:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B9A5 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Sun, 08 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1C8A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72f6e41a9329f4097a432a5aa012d74fd28751391ecf197830da6d82e1c9648a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CB14 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 178950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:38:48 GMT
expires: Sat, 05 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9A5
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPFrGk8jr0AFONhWOroszCg&google_cver=1&google_push=AXcoOmQbeUzkgSlFAQJlAelv40KN2foNR9MGrrm-XmkSnh5c3nUJDgcR2QfLnnXmy7CmlCDNH_aX6UF2gRzJJGOV...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AwL0XHJIShYCgIR9eb7zJA&google_push=AXcoOmQbeUzkgSlFAQJlAelv40KN2foNR9MGrrm-XmkSnh5c3nUJDgcR2QfLnnXmy7CmlCDNH_aX6UF2gRzJJGOV1e2N7VB5L5P3

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AwL0XHJIShYCgIR9eb7zJA&google_push=AXcoOmQbeUzkgSlFAQJlAelv40KN2foNR9MGrrm-XmkSnh5c3nUJDgcR2QfLnnXmy7CmlCDNH_aX6UF2gRzJJGOV1e2N7VB5L5P3

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 08 Oct 2023 09:21:18 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AwL0XHJIShYCgIR9eb7zJA&google_push=AXcoOmQbeUzkgSlFAQJlAelv40KN2foNR9MGrrm-XmkSnh5c3nUJDgcR2QfLnnXmy7CmlCDNH_aX6UF2gRzJJGOV1e2N7VB5L5P3
x-host: tde-deliveryengine-production-8b9d7bc7f-rxtz6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame B9A5 43 B
146 B 300ms
39ms Image
image/gif 18.194.90.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFcbRAWAi8Nf6NBSS73ABcA&google_cver=1&google_push=AXcoOmTkXY6F2lTwIfEf0TONPFfb9b-mvmP7fegFsnUkItyaMIPtb-F_mje2YOklEWqvYNrC1TlrdbdG8TBgrAuA82W_RI52KYMn
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.90.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-90-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9A5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENHLeIKP7SROGya7NrMAFeU&google_cver=1&google_push=AXcoOmSuiIQpQwEuWgumghF_3xKjmOkSu0WWkg7ClmdcDZQj-94YDNplzfJbB9Na0SVJK3P84yIObtQ8LHR7yDu8prV94v9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuiIQpQwEuWgumghF_3xKjmOkSu0WWkg7ClmdcDZQj-94YDNplzfJbB9Na0SVJK3P84yIObtQ8LHR7yDu8prV94v95l6He&google_hm=eS1kaHJRSFpWRTJwSFE2eX...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuiIQpQwEuWgumghF_3xKjmOkSu0WWkg7ClmdcDZQj-94YDNplzfJbB9Na0SVJK3P84yIObtQ8LHR7yDu8prV94v95l6He&google_hm=eS1kaHJRSFpWRTJwSFE2eXptdnRoQl9QS3VtZWk3R2FXcn5B

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 08 Oct 2023 09:21:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSuiIQpQwEuWgumghF_3xKjmOkSu0WWkg7ClmdcDZQj-94YDNplzfJbB9Na0SVJK3P84yIObtQ8LHR7yDu8prV94v95l6He&google_hm=eS1kaHJRSFpWRTJwSFE2eXptdnRoQl9QS3VtZWk3R2FXcn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9A5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF51VUHytXMXYiiaChwn09g&google_cver=1&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOafJR...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF51VUHytXMXYiiaChwn09g&google_cver=1&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4MTQ4Mzk0MjY4ODI4ODgwNQ&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOaf...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4MTQ4Mzk0MjY4ODI4ODgwNQ&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOafJRnMKlKMN6vp4loUI36qCz0g

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4MTQ4Mzk0MjY4ODI4ODgwNQ&google_push=AXcoOmR9XZSj5zox-iqArhYwmZfDJGLwo77yoVMv0Jo3dSFO4_nT0-0d_lVHc2l4q8XhSmas9FJOafJRnMKlKMN6vp4loUI36qCz0g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame B9A5 43 B
245 B 137ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEELfgH-GtL2RbkOV3JLYo2o&google_cver=1&google_push=AXcoOmTDm8NiL0oJBlojcnWWiEXmnBnKZ4IAVdubUzMMZPiwGP6NOQTrRVUBziSUYWkLXtI1o_nlHD2Ic9072uP1ggREFIWL1T9r
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9A5
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELlJqud1QsHC98shseTnIHg&google_cver=1&google_push=AXcoOmRzuNxgC0mzr...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D&google_gid=CAESELlJqud1QsHC98shseTnIHg&google_cver=1&google_push=AXcoOmRzuNxgC0mzr1qwR_9bwbU44Zpvjb...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D&google_gid=CAESELlJqud1QsHC98shseTnIHg&google_cver=1&google_push=AXcoOmRzuNxgC0mzr1qwR_9bwbU44ZpvjbEHPEDmVBcLEc3hRbqJTWskaGL1TeijJVOMfn5rbQd6hEk6ru0JTvd7vHvW3K_gfDo7L0I

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
an-x-request-uuid: b522d88f-b796-4fac-9f67-cef480b50ae2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3MTE0Mjg3NjYzMDk2NjcxNg%3D%3D&google_gid=CAESELlJqud1QsHC98shseTnIHg&google_cver=1&google_push=AXcoOmRzuNxgC0mzr1qwR_9bwbU44ZpvjbEHPEDmVBcLEc3hRbqJTWskaGL1TeijJVOMfn5rbQd6hEk6ru0JTvd7vHvW3K_gfDo7L0I
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame B9A5 43 B
145 B 300ms
40ms Image
image/gif 18.194.90.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKYgOVhBxUDc-Fr2QQgqgF0&google_cver=1&google_push=AXcoOmSBr-97Wcm5NJvfQ008Gbrv0Hl7cGQsr86pDp5v-BFCl2uVk7sbuckTPhZoG2nHiwdqVM9A67qfWheeJ6rEvs2t9iUwTT1vCRk
Requested by: Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.90.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-90-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B9A5 0
12 B 49ms
48ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lc-y-u3LcRFJQK9VvSUG4fT2_EtiDcNBDOTsRlXP_Mn0mTsveWT7EERSvCV_mEm0zBq0HxZ80

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame CB14 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/3789951846861242368/ Frame 8D12 3 KB
1013 B 48ms
48ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd070e3aab6267e33ceb898fe6a38d4cad84030aa47e85b0a9085eca6d96a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 877
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:18 GMT
expires: Mon, 07 Oct 2024 09:21:18 GMT
last-modified: Mon, 04 Sep 2023 08:00:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C8A 0
0 87ms
86ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqKBJRDxIQX9riBmXanZP8GPdcCDOlsKTBMAW4TOmF1OwJEze7eVQWtv3bEFfJiADi7kc71n7h5nT48Ms-T0drXNRljNTRZVX5nvAMf8H5RWD4Vw8XqIJOYBffo_DIgphF4EGucl5X8G_pcWfrKvr6DmU538QnEg1Gd33N30Xdbohlf4qOHCnLttgw7Z-0Ms82bxNk1CaUw3ptyqNzeCHLWifQY_fHiJbzWWWD4xiiSyzVEw9JmPslEX-6Y2fxIl1DLrN0_Y1Noz2qMTaRq0EqhKGcCDYMXiKWpjN3PqvjPb6MGfssQ4scRVvZxJcjKlPejTRqxQ-4tnmdkpv4y36Y2QdwYYLGIPcdq_kp_0iKLbjJLqzOAtj6CBXaCCy5uO_vrPv-JAQBBQKa42IqzFMN56wXPE80w9vvANY3OATCHrO6i1RrPEf_T1wKeWd7V6IB37fQ2LX5r7LoqOuhp7KvkEq_hg-nOcNv6wDEz0rOSM73rna_QcHwQnuG98ADAthVFeQ66nBmwqQzvySwS-aCuNDkcy2ypKWOWlt5P56rbWzn9M8fhs0zvBdYVzGymux6QJArFhB4Qy5frR7jq-kWxGWv_AH8Q_BWKiCaaGvI3ssW0SCJvwg6ARIo1wnkGSFZ7zzdnl8Wd2sAKSDW-pcBRuFgWElx7DiRhEa2XTjJjDqGTPKZIGI-o4BHO_j3EqbiaidMGfOGe_A9x5waBDYQ6EGuIkQaEyoVojA9Bqv9mwp9GKa62x_W5bVOxZpf77zQ_-FbChHzZxVNe93Udm3NOZVclC1WORahCle1SvVKWmuZ-PAxVSpLlrXMCDb4j-DUnsZqsCCrfVjgqbwh2cOvWWRer0JRUPapgcdeUb0ZGkyHaqrVKjw8f64tyQkV5EMAtvHSvllpQE3_vwf30f_q8dj04K2x3vyqlAyQbtfnjUf5Ndu_e0gl_ymLF3g5AMSfj0I41JwxSNCd0t71FHTdzyTyBrXE2cA0e3xjIn0rY7UXqb16emdTno9kwViC-gekcgYpseznp2knQscqF-EbsjqEz671Pv5aqlvOAlC5Zl5YmnTPkFAAF0VjRX7CYgsg07BE5w8R8knRqgo-sPl_MpFVh71PsMT97Y2Q2jBF-fPupWRv9DSqeph20s8FFsHAiBpiIOAAncp0JSAOAl9_a8ByVNdb2xkpKFSKgJ5tJ9wj_5unH9lfyJpuLgblD-Q3oOTDujvj7gGKHflzwQwP0GyVfTcLmnqQrzh8uwl4PkjWMOwv53D95EA7SqtKPmIOivkFzSk-9rUNfUwgWqmbeGQchYA3igpkvl0FyCIXpEugkFm1FQ&sai=AMfl-YT6UBlGIjLWQZXeLDCPvGee7RacYMNCUzVWNVEVsXUk32wLKHwXbSGQvWkfi2l20MYvjpuYEoQbHpEnJGvswevaoDTQ8pRDJZ6PxCWEdnBjjhSBlsTgaLjKu3lHPS6Wt6jq-mMG216KGr5APuMeGt0_emyyBSDFpyzk5-etJBWmwAnssDoKI9lkHdz1BxSiNFeBcmmxTK267TOXExttmk-l9CBfIplxy2diXxGqVgu84XEEHSaIq8zDB4AItpEUjQH34KA&sig=Cg0ArKJSzCyN_Pw5yi7vEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&cbvp=1&cstd=176&cisv=r20231004.03173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 style.css
s0.2mdn.net/sadbundle/3789951846861242368/ Frame 8D12 4 KB
1 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3789951846861242368/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5413c759814fb73854508ee65d320cdd2c00d88b645c7392a59dd6ea61deb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1094
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 08:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 04:00:19 GMT

GET
H2 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 8D12 120 KB
41 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 08:25:03 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8D12 60 KB
24 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Oct 2023 09:21:18 GMT

GET
H2 200 pa.js Show response
s0.2mdn.net/sadbundle/3789951846861242368/ Frame 8D12 4 KB
2 KB 60ms
59ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3789951846861242368/pa.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1443
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 08:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 15:31:21 GMT

GET
H2 200 logic.js Show response
s0.2mdn.net/sadbundle/3789951846861242368/ Frame 8D12 27 KB
4 KB 61ms
60ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3789951846861242368/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7b8e9b1c53d0b86e17f608fed84d4b88311cbf7b4d43a47d7daa3b19d5828f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3854
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 08:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 08:31:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB14 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV9s9jXQiZcDRO5Sy9u8PjbWJmAEAAAAAOAHgBAI&bg=!CgmlCUbNAAYMG8UMLBs7ADQBe5WfOMvsiVPincpU-5TGU17aQnVBvzQ3lC8K2kNylzoP30_TnXnrHih3ano9r1N2o1-tAgAAAFlSAAAABmgBBwoAAwIOGpkC-WVIQpfLgOxVFovUl9NtrbjdUxAgSV259rWkH2Ayu-O5LHb8K5lX6sSwW82heyowzX6Njy5sc0OQbSPfxaq2kcDVT1Wggc38Tpc1XjizVI3_SQv6ppBj9FvFCh1_Uh-fKa_7JB8Y3ryEdJ62NSdMDoBjcUARXuOx9hb3wqwoT1eDu7QQAoiECHjXg3y3_quAigRlsafOhbKpbK1k1fTwXpw-xn3fVFKzk77MfnfiLRHmk4H2VvTRltUeSqt13eGhgSVlIPOJsOjWNzOvXnJcbPvpW-1G0SXB3Lbme0J5HD6bVa-EGaU9YKHtpC5hEjihMmHmczredOE-9GEzOWXQhSwMfD0m16xKWr4BiYyjOe-GtzCtOm9ff78s9fpQrmnftamSl3uBuyM0OOQJcsnyU_GuK_w44zRFKGhLE7gD8qW1YZHXa7XcygWCY1aS_EYkvbfJQpilnTAR-sD7TIvzqLS8orsh3xWN8qVe62c68RuAUd-KK44WQIE8tnF9axikBFK-fx1ajYQEWjpNHjoLRvhjUZhv_S6IzYya-Dm3jGhu__bDbQ0RnvIUPi8mRgVXTBVrPOVyM2MofwYMq6gwU-_t8tRQiuR95_MwdaKGnJjVISijsq_V7nCLcKEVVBWBIZbVmu0SRub7fyzOeh1B9NJTSamvKEGg9NtqxKexLopyzTplLLnEqXs-LB7gJOpXAAnIulUn5wk_kPemK_zBSaZcn5M4vca9WZ_HQU--fEqaKlRJsPzbZFXPdSLgKhQyWVofLh4sIxI_lw1gY93qyN66l9XlEE5UWDNjuXiBDs5rZGtlSdtCRpapOKXlqCkNR0QfwpoLxcpkUUez-OdKHZ2USTjp0Lf5GAmggkFGfLdLS8H5_X_kZ770kYPMaqoVghVsGea6jcYE5RLjzm12I5s1XRU418bhty4rx6lFaVDf2p1QyVJjfKF3rfgyTCkXsC_0gTLV25fYvAdOYEMyUv3_t61yZnhDsbr-WpIqVzrpN2qvnLrylVFe

Requested by

Host: 7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
URL: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C8A 0
0 82ms
81ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqKBJRDxIQX9riBmXanZP8GPdcCDOlsKTBMAW4TOmF1OwJEze7eVQWtv3bEFfJiADi7kc71n7h5nT48Ms-T0drXNRljNTRZVX5nvAMf8H5RWD4Vw8XqIJOYBffo_DIgphF4EGucl5X8G_pcWfrKvr6DmU538QnEg1Gd33N30Xdbohlf4qOHCnLttgw7Z-0Ms82bxNk1CaUw3ptyqNzeCHLWifQY_fHiJbzWWWD4xiiSyzVEw9JmPslEX-6Y2fxIl1DLrN0_Y1Noz2qMTaRq0EqhKGcCDYMXiKWpjN3PqvjPb6MGfssQ4scRVvZxJcjKlPejTRqxQ-4tnmdkpv4y36Y2QdwYYLGIPcdq_kp_0iKLbjJLqzOAtj6CBXaCCy5uO_vrPv-JAQBBQKa42IqzFMN56wXPE80w9vvANY3OATCHrO6i1RrPEf_T1wKeWd7V6IB37fQ2LX5r7LoqOuhp7KvkEq_hg-nOcNv6wDEz0rOSM73rna_QcHwQnuG98ADAthVFeQ66nBmwqQzvySwS-aCuNDkcy2ypKWOWlt5P56rbWzn9M8fhs0zvBdYVzGymux6QJArFhB4Qy5frR7jq-kWxGWv_AH8Q_BWKiCaaGvI3ssW0SCJvwg6ARIo1wnkGSFZ7zzdnl8Wd2sAKSDW-pcBRuFgWElx7DiRhEa2XTjJjDqGTPKZIGI-o4BHO_j3EqbiaidMGfOGe_A9x5waBDYQ6EGuIkQaEyoVojA9Bqv9mwp9GKa62x_W5bVOxZpf77zQ_-FbChHzZxVNe93Udm3NOZVclC1WORahCle1SvVKWmuZ-PAxVSpLlrXMCDb4j-DUnsZqsCCrfVjgqbwh2cOvWWRer0JRUPapgcdeUb0ZGkyHaqrVKjw8f64tyQkV5EMAtvHSvllpQE3_vwf30f_q8dj04K2x3vyqlAyQbtfnjUf5Ndu_e0gl_ymLF3g5AMSfj0I41JwxSNCd0t71FHTdzyTyBrXE2cA0e3xjIn0rY7UXqb16emdTno9kwViC-gekcgYpseznp2knQscqF-EbsjqEz671Pv5aqlvOAlC5Zl5YmnTPkFAAF0VjRX7CYgsg07BE5w8R8knRqgo-sPl_MpFVh71PsMT97Y2Q2jBF-fPupWRv9DSqeph20s8FFsHAiBpiIOAAncp0JSAOAl9_a8ByVNdb2xkpKFSKgJ5tJ9wj_5unH9lfyJpuLgblD-Q3oOTDujvj7gGKHflzwQwP0GyVfTcLmnqQrzh8uwl4PkjWMOwv53D95EA7SqtKPmIOivkFzSk-9rUNfUwgWqmbeGQchYA3igpkvl0FyCIXpEugkFm1FQ&sai=AMfl-YT6UBlGIjLWQZXeLDCPvGee7RacYMNCUzVWNVEVsXUk32wLKHwXbSGQvWkfi2l20MYvjpuYEoQbHpEnJGvswevaoDTQ8pRDJZ6PxCWEdnBjjhSBlsTgaLjKu3lHPS6Wt6jq-mMG216KGr5APuMeGt0_emyyBSDFpyzk5-etJBWmwAnssDoKI9lkHdz1BxSiNFeBcmmxTK267TOXExttmk-l9CBfIplxy2diXxGqVgu84XEEHSaIq8zDB4AItpEUjQH34KA&sig=Cg0ArKJSzCyN_Pw5yi7vEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=434&vt=11&dtpt=251&dett=3&cstd=176&cisv=r20231004.03173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.kibrispdr.org
URL: https://www.kibrispdr.org/detail-10/linux-ubuntu-wallpaper.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 95ms
94ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a856667206947a254c39ffb2c49efc825f912f62eeef1a01bfe3dfb2c03547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12129
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11EE 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1698717520065&version=m202309260101&ct=76&x=1&cor=10713323696432818000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 11EE 42 B
174 B 83ms
83ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3ejgXMN4jcnVZ7p97d4-ZAEXLRA3qzbfU_8vmfyWGxbD0cHKMN1pLdL8ovqfQAxoMUE_tKpmDyoTVgXjGk-A986MNqNOhJg59kgaJ4wGDAV9xnP5GX6RvHnT2sIB1gnVy-NFwCsEmIo91&sai=AMfl-YScxrh-0XR9ZZEkxazzzZerL-UUaXS7WroYwGFk_WGScmSd2ZU4GYjebYgwJTAypgFkUVC4HpP2mioYwHQSb_dU_TBAt2h0VF8w-Pt3s18fUvw-LkDar3MGmxwvxWIpTht-q9wUYfrQmGLSBw&sig=Cg0ArKJSzPPYMPvLUgHaEAE&cid=CAQSTADICaaN0zpli--6C-QcDwhLT00kjFmEr7jnwz945x1dS-3NZ6gtj2x5QnKEYWRZEQ-b3ywGlwq0jK6AyUJ64BISiex-8XO9NKHcBwIYAQ&id=lidar2&mcvt=1109&p=929,650,1179,950&mtos=1109,1109,1109,1109,1109&tos=1109,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3252221900&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696756876817&rpt=585&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D84E 16 B
209 B 109ms
109ms Fetch
application/json 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 160ms
46ms Preflight 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 08 Oct 2023 09:21:18 GMT
server: nginx

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/3789951846861242368/ Frame 8D12 366 B
298 B 41ms
39ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3789951846861242368/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 08:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 08:37:09 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/3789951846861242368/ Frame 8D12 23 KB
23 KB 42ms
39ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3789951846861242368/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3789951846861242368/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:36:59 GMT
x-content-type-options: nosniff
age: 521059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 08:00:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 08:36:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D12 7 KB
6 KB 81ms
81ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dec1dd2a5bd9b1ed3901312ce0f19ebdb807a346315cb343605dfb7f481dc352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5637
x-xss-protection: 0

GET
H3 200 60029391_20230503010142811_logo_kia.svg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 8D12 1 KB
702 B 48ms
47ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230503010142811_logo_kia.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 07:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 13:51:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 07:15:00 GMT

GET
H3 200 60029391_20230515061516972_CeedSW_320x50_01.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 8D12 6 KB
6 KB 51ms
50ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515061516972_CeedSW_320x50_01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6541c00c87654684defac87ca8758702110a498a7c6be1e981d606c0ba37e699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:17:08 GMT
x-content-type-options: nosniff
age: 14650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6439
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:15:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 05:17:08 GMT

GET
H3 200 60029391_20230515061520207_CeedSW_320x50_02.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 8D12 8 KB
8 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515061520207_CeedSW_320x50_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95f44abd66eae658d5ba4ca7b52c19f67e5bc68b37a1b1dffd92c9c523aa1bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:19:13 GMT
x-content-type-options: nosniff
age: 18125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8030
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:15:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 04:19:13 GMT

GET
H3 200 60029391_20230515061521273_CeedSW_320x50_03.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 8D12 7 KB
7 KB 60ms
60ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515061521273_CeedSW_320x50_03.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c88b4ce5798e8cc95bf1f4dfe641d2fa10dc8589384435b93abacc0cb6eb4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:17:08 GMT
x-content-type-options: nosniff
age: 14650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7397
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:15:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 05:17:08 GMT

GET
H3 200 60029391_20230515061524557_CeedSW_320x50_04.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 8D12 5 KB
5 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515061524557_CeedSW_320x50_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b9d1221b8aa0b6c92e5b7ce3cf58fc1661caafb63a453ddf882bd5b147c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3789951846861242368/index.html?e=69&leftOffset=0&topOffset=0&c=sWxlUASwpM&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:17:08 GMT
x-content-type-options: nosniff
age: 14650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5443
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:15:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Oct 2023 05:17:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Oct 2023 09:21:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F906 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 89213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 08:34:25 GMT
expires: Sun, 06 Oct 2024 08:34:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBCB 829 B
998 B 51ms
50ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

801e0d5b9819c28286c8b0fc44f2112ae899d20c7f85d1a3ce2fef715c933aca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KdVVcYmDmpYAh_7M_sRkeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kibrispdr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KdVVcYmDmpYAh_7M_sRkeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 09:21:18 GMT
expires: Sun, 08 Oct 2023 09:21:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D12 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Oct 2023 09:21:18 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame F906 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 19:05:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBCB 0
0 73ms
73ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=4418733989599691&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A95 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 19:05:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F906 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?O9bNDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 09:21:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D84E 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=865514870318&version=m202309260101&ct=77&x=1&cor=13899249231744807000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C8A 42 B
64 B 83ms
83ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsti1-2ghz9tsflJLpCYa2YlZ3FeQE0SEVn94sdT6vTwc-9gAkBWpBX2Fb01OXjWpGpA-kxx6KhRr220XRcY9rNg02O4QhG0It3LBjCapIJBprwe-sBl3sObKg4FL0SGCX-_-oBpJ4cdXdAM&sai=AMfl-YToDiY0lYv8lNibZx0Y0ib6FWngKc1oAxaKGvvJS9VfNWVZInrjLsRKgZay1TvubTtYcouv0jTC0ztTc62lKUfkPlH5T9KGCChFs7w-QJT1HSSKpQnIuc_nG7Y0&sig=Cg0ArKJSzPTt7-8qQ7WVEAE&cid=CAQSPADICaaN8ZEG_xmYBDTeFc6dB4PIyjFpz_0DeTBSJHjJ40bpYnaGVKWwsAGX-RpOd15FR0FsYPU3NMXV3RgB&id=lidar2&mcvt=1000&p=1150,640,1200,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3094767359&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696756877753&rpt=330&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=4418733989599691&bg=!dXaldjnNAAbjlzx0w5c7ADQBe5WfOOS2KSsw-THWgr9bVa6C6CCuPSGbTOg8609r_ZWjtFKJJJQyYZyzD90lgz2bivFtAgAAAH5SAAAABWgBB5kCt5ovJnYYbPFdc8W0NMfpVKftis4Hl6GfHw8MM3eebhdn9CGh8ozsfCzeBYfAdBgmHIcJClQf0w0ylK4PzodjKl_4Y9lbIrPmgYnXO5ZtFWWauQrV_kZAQxbYk3Z3edkX8ghaf4qgr4Xje5RIT5WbSCYXEZefInlG02M2Qap8xeXHQxDlzkWPDMUbRFJ6pJnfXeN7HKSkhw3Tl7vSqvKcUkAqXx6Z7x8ZHFYcFWkp0NG6jHUV_flvLVjP7nsLYrnqNfiX39Grr3_B6pM6-gUEaSteJcXAb7dD240e84wpr3MEolKGp4HUNgAFnFH0ZMTxLLW4jGKA2l79E76dADeCADQwNRhNJUh_xZaFtmisBuIznE1F_ZZrNlioLgr-GFZdlMfb0WRtmX6Cdf8szJYBSTrBs6ma7b4XbAgDz1McLv0VrZy5BrHLuOG7eFFZJVf9B-k2WwzMXuk3EN4ObgzoIHk5lmOU4SgQGAw-otYlFed56sFowC81YTvmVnBx5TifAgKM5cjBHAGQWn-B0UJX2FE7xOg0olPHLwdeb4vRKq3Gh9ved0NgdRVxj3Ec2AAiCLCOwAMJgwi3zme92NAFic2xJvILESTajVYiE_EQm5h0rGPGIEzPgwi4r1Z4yrjqfSfaIAdnqVbVJRPqmiG7K9hV_XmjkqJDXw_SGz9OPPIPq1sIIz_ssPyIUM1YNY5DNRLf_IvrhGTODW-NCsSc_xq79HpNYwfNGwA9tKNze_A_e2JVGrY5AxWScdmElEa6bhxqyWltKvOQdBzxxTFXaOnP1sAJV38fGBBlODWApgOr7GK6AjTx9kLgYfCJ9xD21viuZv-KMA5HzFGpeHN_kjki0Z5fX57WY9rQQfz-7T1koN4yQqz1q1h-oKYMlHpLuvtIWvSjrfoo96YcnUH-fZx1eAfGcxlf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kibrispdr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8A 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=498053404859&version=m202309260101&ct=76&x=1&cor=6621961274899678000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2V48S6S7WL&gtm=45je3a40&_p=2071074017&cid=1247403905.1696756876&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1696756877&sct=1&seg=0&dl=https%3A%2F%2Fwww.kibrispdr.org%2Fdetail-10%2Flinux-ubuntu-wallpaper.html&dt=Detail%20Linux%20Ubuntu%20Wallpaper%20Koleksi%20Nomer%2011&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V48S6S7WL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kibrispdr.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 09:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kibrispdr.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.aniview.com
URL: https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 17:28:52	Name: uuid2 Value: 6871142876630966716
.kibrispdr.org/	1970-01-21 00:40:52	Name: __gads Value: ID=87b6d85a4eacd8a4:T=1696756876:RT=1696756876:S=ALNI_MaRDHAtnw6EfgiAT0qTquMISU_FLQ
.kibrispdr.org/	1970-01-21 00:40:52	Name: __gpi Value: UID=00000c91aea06592:T=1696756876:RT=1696756876:S=ALNI_MbP-scLwoWsxBjr1omOoBkk6-Os2Q
.casalemedia.com/	1970-01-21 00:04:52	Name: CMID Value: ZSJ0jNAYbgu95Ly5eB5kbQAA
.casalemedia.com/	1970-01-20 17:28:52	Name: CMPS Value: 3178
.casalemedia.com/	1970-01-20 17:28:52	Name: CMPRO Value: 3178
.doubleclick.net/	1970-01-20 19:38:28	Name: APC Value: AfxxVi5jFMwBQOnwhPy46yQAhM_aHvHlh17FuIJo_SsX6fBmTSyIGw
.doubleclick.net/	1970-01-21 00:40:52	Name: IDE Value: AHWqTUkBhf7YirQ-RAfXsBtVfOQfnUVVGQLW47piaFrtNSUD84O9Ya9KFJH4WqIjV2w
.redintelligence.net/	1970-01-20 17:28:52	Name: 8lcfmzhxc8d6_uid Value: c1515146e9b03976
.awin1.com/	1970-01-20 15:29:21	Name: awpv11601 Value: 113440\|1696756877\|090ae4f0-65bc-11ee-898e-223287d3f473
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.kibrispdr.org/	1970-01-21 00:55:16	Name: _ga Value: GA1.2.1247403905.1696756876
.kibrispdr.org/	1970-01-20 15:20:43	Name: _gid Value: GA1.2.870514011.1696756878
.kibrispdr.org/	1970-01-20 15:19:16	Name: _gat_gtag_UA_9601536_26 Value: 1
.kibrispdr.org/	1970-01-21 00:04:52	Name: cf_clearance Value: TGx0ubTBBG0lfyZ8uu.ABDQsI1cmTaUYgr5eqs66igw-1696756877-0-1-68136468.580f3505.889bdc1a-0.2.1696756877
.office-partner.de/	1970-01-21 00:55:16	Name: source Value: {"webgains_webgains":{"timestamp":1696756877739,"clickCookie":false}}
.kibrispdr.org/	1970-01-21 00:55:16	Name: _ga_2V48S6S7WL Value: GS1.1.1696756877.1.0.1696756877.60.0.0
.adnxs.com/	1970-01-20 17:28:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%uihA'e!]tcN8i_iqf!oN/@E'zz<*Z0QpK99$ewgK#R!Wr]t[ZeDGnAlDj=%<zUct^`/X%W#.wL4W1Qw1DAZcC+
.adform.net/	1970-01-20 16:03:55	Name: C Value: 1
.travelaudience.com/	1970-01-21 00:50:57	Name: _tracker Value: %7B%22UUID%22%3A%220302F45C-7248-4A16-0280-847D79BEF324%22%7D
.adform.net/	1970-01-20 16:45:40	Name: uid Value: 3081483942688288805
.yahoo.com/	1970-01-21 00:05:14	Name: A3 Value: d=AQABBI50ImUCEJOmNKv45WfaRg25diQeUH4FEgEBAQHGI2UsZQAAAAAA_eMAAA&S=AQAAAjZQO4u6-33I3duKYktzkjg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://strodong.github.io/blogger/banner.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://sluicebigheartedpeevish.com/7274f145ccd626ed577bfbc551f6d59e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://strodong.github.io/blogger/banner.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://sluicebigheartedpeevish.com/7274f145ccd626ed577bfbc551f6d59e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://sluicebigheartedpeevish.com/7274f145ccd626ed577bfbc551f6d59e/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
7870817c2bd08508611d963e57fa70d1.safeframe.googlesyndication.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c1.adform.net
cdn.kibrispdr.org
cdn.pnghd.pics
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
play.aniview.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
pv.medialead.de
region1.analytics.google.com
rtb.openx.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
sluicebigheartedpeevish.com
stats.g.doubleclick.net
storage.googleapis.com
strodong.github.io
tg1.aniview.com
tpc.googlesyndication.com
track.webgains.com
track1.aniview.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kibrispdr.org
x.bidswitch.net
play.aniview.com
104.102.45.165
104.18.27.193
13.43.154.56
138.201.63.149
138.201.63.157
142.250.185.194
142.250.186.38
145.239.193.130
173.233.137.52
18.194.90.104
18.66.147.41
2001:4860:4802:34::36
216.58.212.130
2600:9000:2490:8800:d:7521:8a00:93a1
2606:4700:3033::6815:2108
2606:50c0:8003::153
2a00:1450:4001:800::200a
2a00:1450:4001:801::201b
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:595::2c79
2a05:d018:d29:3605:baeb:931e:26a0:842
2a0b:4d07:101::1
35.169.13.38
35.186.253.211
35.190.0.66
37.157.3.30
37.252.171.52
52.56.171.192
69.16.175.10
94.23.99.218
99.86.4.94
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
05ba15e7c88102f7b1face40c8df1bba2dfd2f66d16a209952460f2644e87f16
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e85590640946c32df45b93943bac4f6c376783029f93a122327f0790296118d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ac66474054515afa9e87231bd6840224714d6a558395f033bf3c0dfc1bb2a3
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
1b1fa7234408d31c2ff8c33143d4c3292cfa923adb32c4f5848a4dcb16a2f08f
1c1fa4872c626be3584b7f7cca74901414ab7d262ebe707e51e9388f1cff2e27
200dee27d7ff2ce47ef24b62a988670383263fbbeb183c7eed7e599175f81e10
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
271f05c07d6e9905ff7c8983df110d11d5bd9d985b77a828384a325a01842a54
28274d4c0671543fff87c00d9aaf3db59622df2040c6df3aa78645a70020a05c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeafbf6e8c39cb74e58548f68bca84b2a785ae31e065f81b01247cb2bbba3a2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32ae18172205fa1d2643d2b229b99ef6150864c58a4cbcef7ff4c3a1d3b3b3d3
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
37c1b11e165d13864ecd250be6427e7e22e2a7ff445fa8040ead3be0ded94d4b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a6daf1f4ec77731af33a661119a766eb255e734f45db82f435e3b510d198c22
3b9e90a5fbc13fff5ac8342cd2af0316342cf5070859cddb621b3ec1f94896b8
3fe4e5d5fc1c557e47312257d2e32df4822753e94e976c6487eaee8f942856e0
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4b2ef7a267f6e6ec05e6c4cf9c71247271650a82716774767ce4285edb5c2ac1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4bd070e3aab6267e33ceb898fe6a38d4cad84030aa47e85b0a9085eca6d96a0f
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e432570993865b4626637a8abdcc837222b4b188314d16697d371789a1feb60
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595de9aa36eb132b74ca115c08432234e720c368ba88d95ac4eafbdfba470599
5c8350b19158354494b7e00f45bcc0ab68ef34f6de0e0b84dae4edc06435aa43
5c88b4ce5798e8cc95bf1f4dfe641d2fa10dc8589384435b93abacc0cb6eb4d1
5f7b8e9b1c53d0b86e17f608fed84d4b88311cbf7b4d43a47d7daa3b19d5828f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
62025cd20d07e646835583bf7d67e788291474fa56df1ab278b5b72d7b1a4501
62261e6166d7a7162f8f3a4809b5cb53d36cbd6707abaa7e5493a3d90ec799ae
6493ae2f8d7f5e5ba83fd7872faf459810d1b9d19c52cc85e31898fbf87f4af0
6541c00c87654684defac87ca8758702110a498a7c6be1e981d606c0ba37e699
65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
681b9d1221b8aa0b6c92e5b7ce3cf58fc1661caafb63a453ddf882bd5b147c44
69ddbcb4bf61d457e462559d6e17799779c4c7e0b6c71457c7d116f2ea298e50
6be0098860e10e261cffd5012b7d2fb0570a3e98d05464b368041ece228b49de
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
72e8e6ec865030e75174384a1222b77e6389c4ff5fb503d9f4f1561ca87b6b39
72f6e41a9329f4097a432a5aa012d74fd28751391ecf197830da6d82e1c9648a
7384941eb6908b87883d686559153ef717aab1046e46501636c51206ce368ff3
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
7681541ea33eafab1faa265a579e1bf4f9a12c36008cec5cb01b29fc0a07046c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bace6853c23124b4c288081d333cc52c46b2612febe0e49be1c0545a8a2baa0
801e0d5b9819c28286c8b0fc44f2112ae899d20c7f85d1a3ce2fef715c933aca
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
891edf3e5ec398b442b9f387793c3e4304776de3e96697ae4204dfa4c620fa15
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8b0dea03abdd4c793fbba0f678a968e548555a92facb697b2f38028a73c969db
936fc28708b694c540046537e9cc7c222a4c60a77621bea8a220d63d962d6a77
939bda21bfb1c1654664f9694d444019077d7f5e16ac1589e0882451bb082f47
93a856667206947a254c39ffb2c49efc825f912f62eeef1a01bfe3dfb2c03547
93acdd0868422cb8ea8372774a74bd16ce2e66e5168a213fa56ab890fc826542
95f44abd66eae658d5ba4ca7b52c19f67e5bc68b37a1b1dffd92c9c523aa1bee
96eaa3385ba7644d7b4bb6cfdbb57a0fe9a6ab1dae6932b8ea27fc8799490b16
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9ba82f97cbb7957a95505585e8cf4df056217a0256e41b9bdc5dd47d76494d8f
9d2279c20b628cf8050e193b6099cbd98ae75a282acc0d7d98d411741936f88d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a313e5fb352d98d1e58dd0836cb6c954c0c2606e28c59cd8f725b7834358de7c
a319e275a48b31327e379e20262dd78a014b788adc93a26857bbdb312193e8d1
a3fe5f3bc15b6e004540f8378f815b552e34a04260b8b8b6b930081cc1211da5
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a826a1576b10ba2b8eb50d99f39c453c0f47703cb95c31ce1fdd13d732db26b3
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
adfecc948f69313c97c6c6fa230ab8c727c6c84971222dfc90a6ed3c95cbaff3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5413c759814fb73854508ee65d320cdd2c00d88b645c7392a59dd6ea61deb77
b5b75803d849d09634248b2111690b992e578a8a5b8c38d3381e498397cd8cf0
b740be1e50481f53692bb7516edde9815ade5d5da7be6301121c74af48254e14
b7ab63d94e541965c72713e5a1703be797850dc070f101938910e303011bbefa
bafc6b02cb01cfdb4dfb4e6d93ac5389eeb63bc136db92b4baa2e0a157207cd0
bcb6288c0c452016a9d70961e0eb8350e2f7d93dcf6dacaa88f8b213bd83effe
bdaef2e2f4525f0046229e0e865f7d64c5ea19f5c39cf54d9228a0214e50e725
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c0d0c7a6a7cc8368cc8c167f51d21ce950bb10db64a1aba108ca2210935e79fa
c0e85a804a77384d93c5b83792f0eac15cadae09c46744d33016b16bed720fa3
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c30b985f4309cba1f61f750679c9d0c4f74825dac750adc9ec9bed7bdfb2a256
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e
c8ac0b35cb0e4d7a954fa6b90eb28bba6a8b7a9e0c90ecb12cb9781509f0894d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cdd88d419308a1c4a115a80480de2d4513af5f0216baac7b15c2bf26d789b159
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
d4c809d7eb859e9e63a32e0f240dbae81d391cef874d21e327f073a08e0dcc5f
d8ac369a29db05063577e7554f0f3d302c5b636f7f1ba5ed303f5b9c464c472b
d9d06ad12b0e932d3d87b8448278581aa02c596e6b98ea3d212eba3252e56edb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec1dd2a5bd9b1ed3901312ce0f19ebdb807a346315cb343605dfb7f481dc352
e323d06dfaeb8c647791ed12d837d7069c8fbabad549739f588429383b8c69d1
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e809beff76ac0155f41f07b08ce2e0bbb3e817aaa99954077a71932015142959
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
eb481da6943ff90659d633d2627cd3a2538ea30dcd791bd540a416a61d1499f1
eb4d6b6d80811992b8411e4668ecf43cbf47dbd5a720f9dd138a3a71f22fa663
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf379118ac98658f9460b76744135c9385c90c698a0b85443f47bad46ce17c0
eecb6f1d472c1008b7a1e5abe84eb6c658c9d430f117e3d7ce841699eff83b10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20e6454d107e698e67fc13a44c9ecb7d76d4ea84900371682502f75c99c8b2
f16e1b9e3ca61b977c00e7773bace4ce91b69a33f2e186f9993d9850fc12b019
f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46
f21bad43d34adafa5e76e094e56a45bc275ac98bc994f74c8836035b6151620a
f21fcdac2b6fd941173904fc102e17b105a56f0096ada7b422b9820b60f5e96a
f538f40a4cb488a6b593ceba49109d4831ab475d5a9796e27fc9b6a5bbe0bce6
fdbfe137f5064c22a1874bff725a30ba8eb72f3c35d19c1b1c1108af55e41ee9

www.kibrispdr.org Open in urlscan Pro 2606:4700:3033::6815:2108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

204 Requests

82 %HTTPS

51 %IPv6

31 Domains

49 Subdomains

40 IPs

9 Countries

4573 kBTransfer

10025 kBSize

22 Cookies

34 Outgoing links

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.kibrispdr.org Open in urlscan Pro
2606:4700:3033::6815:2108 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

82 %
HTTPS

51 %
IPv6

31
Domains

49
Subdomains

40
IPs

9
Countries

4573 kB
Transfer

10025 kB
Size

22
Cookies

204 HTTP transactions
11 data transactions