m.fanfiction.net Open in urlscan Pro
2606:4700::6812:13f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.fanfiction.net/
Effective URL:
https://m.fanfiction.net/
Submission: On October 15 via api (October 15th 2023, 9:37:51 pm UTC) from US — Scanned from DE

Summary HTTP 143 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 24 domains to perform 143 HTTP transactions. The main IP is 2606:4700::6812:13f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.fanfiction.net. The Cisco Umbrella rank of the primary domain is 103127.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 18th 2023. Valid for: a year.

This is the only time m.fanfiction.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	2606:4700::68... 2606:4700::6812:13f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 27	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
19	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
7	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4006:807::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
18	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
1	172.64.151.202 172.64.151.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
2	104.119.108.55 104.119.108.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2	145.239.193.130 145.239.193.130	() ()
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	3.9.163.207 3.9.163.207	() ()
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:806::2008	() ()
1	18.65.39.98 18.65.39.98	() ()
1	99.86.4.52 99.86.4.52	() ()
143	34

9 2606:4700::6812:13f2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

m.fanfiction.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

ff77.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4006:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Toenisvorst, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.202 (United States)

ASN13335 (CLOUDFLARENET, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.119.108.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-119-108-55.deploy.static.akamaitechnologies.com

secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (None, )

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.163.207 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.98 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	439 KB
26	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1192 syndication.twitter.com — Cisco Umbrella Rank: 1427	678 KB
22	twimg.com abs-0.twimg.com — Cisco Umbrella Rank: 3413 abs.twimg.com — Cisco Umbrella Rank: 2705 pbs.twimg.com — Cisco Umbrella Rank: 1096	28 KB
15	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 bid.g.doubleclick.net — Cisco Umbrella Rank: 1020 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 286096	127 KB
9	fanfiction.net 2 redirects m.fanfiction.net — Cisco Umbrella Rank: 103127	64 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal90007.redintelligence.net — Cisco Umbrella Rank: 264997	38 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	49 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 imasdk.googleapis.com — Cisco Umbrella Rank: 498	136 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	3 KB
3	medialead.de 1 redirects pv.medialead.de medialead.de — Cisco Umbrella Rank: 51384	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	607 B
2	googletagmanager.com www.googletagmanager.com	152 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164332	6 KB
2	flashtalking.com secure.flashtalking.com — Cisco Umbrella Rank: 2734 cdn.flashtalking.com — Cisco Umbrella Rank: 1384	7 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	b-cdn.net ff77.b-cdn.net — Cisco Umbrella Rank: 88248	2 KB
1	webgains.team cdn.track.production.webgains.team	3 KB
1	webgains.io analytics.webgains.io	18 KB
1	google.com adservice.google.com	401 B
1	webgains.com track.webgains.com	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 354180	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	931 B
1	doubleverify.com vast.doubleverify.com — Cisco Umbrella Rank: 2133	4 KB
143	24

	Domain	Requested by
19	platform.twitter.com	m.fanfiction.net platform.twitter.com syndication.twitter.com
18	abs-0.twimg.com	syndication.twitter.com platform.twitter.com
18	pagead2.googlesyndication.com	m.fanfiction.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net m.fanfiction.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
9	m.fanfiction.net	2 redirects m.fanfiction.net
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com m.fanfiction.net
7	syndication.twitter.com	platform.twitter.com syndication.twitter.com m.fanfiction.net
5	csi.gstatic.com	imasdk.googleapis.com
4	hal90007.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90007.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90007.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net hal90007.redintelligence.net
3	pbs.twimg.com	syndication.twitter.com platform.twitter.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
2	8019191.fls.doubleclick.net	1 redirects m.fanfiction.net
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal90007.redintelligence.net googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googleadservices.com	m.fanfiction.net
2	www.googletagservices.com	googleads.g.doubleclick.net m.fanfiction.net
2	ff77.b-cdn.net	m.fanfiction.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	m.fanfiction.net
1	futalis.de	hal90007.redintelligence.net
1	adv.office-partner.de	hal90007.redintelligence.net
1	cdn.flashtalking.com	m.fanfiction.net
1	secure.flashtalking.com	m.fanfiction.net
1	vast.doubleverify.com	imasdk.googleapis.com
1	abs.twimg.com	platform.twitter.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
143	38

This site contains links to these domains. Also see Links.

Domain
www.twitter.com

Subject Issuer	Validity	Valid
m.fanfiction.net Cloudflare Inc ECC CA-3	`2023-09-18` - `2024-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-07-12`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://m.fanfiction.net/
Frame ID: 55F33E288CA6AA7F2839FEFEC6C6FEAA
Requests: 17 HTTP requests in this frame

Frame: https://m.fanfiction.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 9651A5B357FF0C825F6305C862996D5D
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fm.fanfiction.net
Frame ID: C79586DFF36EBCD72E652607B229C47C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: CA8D646D635372EE5B8D3FF58C14D55C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8698054525611092&output=html&h=100&slotname=8387080366&adk=3657489682&adf=1501933924&pi=t.ma~as.8387080366&w=320&lmt=1697398227&format=320x100&url=https%3A%2F%2Fm.fanfiction.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697405864965&bpp=8&bdt=177&idt=206&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=576760321264&frm=20&pv=2&ga_vid=444966531.1697405865&ga_sid=1697405865&ga_hid=1683122424&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44805099%2C44805336%2C31078301&oid=2&pvsid=2297776431034624&tmod=1128164846&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=An3csQgMv0&p=https%3A//m.fanfiction.net&dtd=220
Frame ID: 0006C82E63288FE99DC44761CE8AEF0C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8698054525611092&output=html&adk=3046330955&adf=2044148826&lmt=1697398227&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.fanfiction.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697405865001&bpp=2&bdt=213&idt=200&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&nras=1&correlator=576760321264&frm=20&pv=1&ga_vid=444966531.1697405865&ga_sid=1697405865&ga_hid=1683122424&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44805099%2C44805336%2C31078301&oid=2&pvsid=2297776431034624&tmod=1128164846&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209
Frame ID: 2BE79B1DBB24C3926CAE84B245AFD09F
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Frame ID: 671EDC51991B64812F65D8E65EBB5E65
Requests: 44 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js
Frame ID: 63DA37A2192B533529541133E611269F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6C40387BBD93D212AA16F76203168A2B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: B120BB79B8A06BE118885C6170E64030
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVdsCKKblkZCcfIZVDin_V4wtFgw-ckg4LvnyD9OTiuJG-PTSyV6nCPNfyXTS1tkei1MCzTIi_WFBU52TWZOLy5IiiahitspulIAPFB3b1ib1e56T8LH3oZFWTsQPkGOqzw-CRXnc0-SHabZzmVpWU2Fr05W_BKShIsPy9WQZGKR3Gre4k
Frame ID: DBDB25C0A1E043A34D246480E8CA17A1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 92CED10F534A349C635289901B84E7EE
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Frame ID: 4F77C93CB58AA4481A3CF5B7FD6E9ABD
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5AEF392EF4B909ED9F3390C43B809BCE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 33F8F6FECF74121E3BD6EE00D38A5C4A
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 9E840902E82205FECC44B2CDD229C1E6
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 75427602AFEB55D5D0F5D5D91701B477
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3199324476
Frame ID: C533DD5BE78937B32F622DD353AF9662
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387
Frame ID: A69714413FC36CAAFCAFCA5FF1A7EDC0
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
Frame ID: DE31B17FA23329D7F1D13568670E9447
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FanFiction Mobile

Page URL History Show full URLs

http://m.fanfiction.net/ HTTP 301
https://m.fanfiction.net/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

143
Requests

94 %
HTTPS

47 %
IPv6

24
Domains

38
Subdomains

34
IPs

6
Countries

1872 kB
Transfer

28336 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitter.com/fictionpress
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.fanfiction.net/ HTTP 301
https://m.fanfiction.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://m.fanfiction.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://m.fanfiction.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 30

https://googleads.g.doubleclick.net/pagead/adview?ai=CIV6GqVssZcuQDtLJ6gTv2Zj4ArvB2MBzlJ6f4sERZBABINWguSJglYqQgqAHoAGwp6-7AcgBCakC3vU6GeShsT6oAwHIA8sEqgTHAU_QCeueHiV65-7KequZ8RQ0w9CBmI66MhH8xwvN-ARG1sF0YTanMViZfD1eh_KTIcy5ijV5Ly7jNfZ5OZKJoKxKslIFNv4-g4v2QaSnW9QXEyz33sZMKSrxURS4JH4hpIl36wtOCddvWh2pzyQYmv5UoLWyfJpIRcMfvFdH0K-X2nDjBwOJGFwzNamVECLM3jEInjSjjZWiqd93sDbEWURAySQxGKDaAKzOYGyvZHP8ZcNBaEl9caJKFh9PtQZFo8OLxTPucGzABLv7gOS0BIgF1cTc1kqSBQQIBBgBkgUECAUYBKAGLoAHuNjQxAKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCflQjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly93d3cuZWluZmFjaC0xYXBoYXJtYS5kZS-ACgHICwGYDJyfo7m8BLgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItODY5ODA1NDUyNTYxMTA5MhgA&sigh=63wIlbAR4Dw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNdLaXJNIq3lImUfUc4cXc00ppC8JFSppIXl1Z_ir3u5AxtzHmUJLJeICwNWjShX3N6alM1p53g9MxbMDHqVvF112GdrhVnhgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228662331398613391730%22,%22debug_reporting%22:true,%22destination%22:%22https://einfach-1apharma.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22392942512%22],%224%22:[%2210-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213250396477413361089%22}&andc=true

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSxbqgCghZEJ84PwEWuNGQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIDcZSQNogR2a4yHIHjx9TM&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk0MTI4ODM4MjE5Njk2NzQyNA%3D%3D

Request Chain 97

https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 106

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=11526600108618904444550012478007&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3199324476

Request Chain 108

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387

Request Chain 110

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
m.fanfiction.net/
Redirect Chain

http://m.fanfiction.net/
https://m.fanfiction.net/

14 KB
5 KB

218ms
198ms

Document
text/html

2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd44417f0404284ff6cf70d4a933da52b0120e03215995a0bb2ec4c680329701

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 816b347daa99372f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 15 Oct 2023 21:37:44 GMT
last-modified: Sun, 15 Oct 2023 21:30:27 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-monk: 1
x-xss-protection: 1;mode=block

Redirect headers

CF-RAY: 816b347d684835f3-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 15 Oct 2023 21:37:44 GMT
Expires: Sun, 15 Oct 2023 22:37:44 GMT
Location: https://m.fanfiction.net/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 121ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d083462e5c6148e3ffd7734a073cf8c41b191beaca55f961c76eb45eab28c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51222
x-xss-protection: 0
server: cafe
etag: 2287045709223462300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 21:37:44 GMT

GET
H2 200 xss24.css
m.fanfiction.net/static/styles/ 113 KB
20 KB 48ms
47ms Stylesheet
text/css 2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.fanfiction.net/static/styles/xss24.css?v=1.0.0

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

433cbbfbc4da43ce1cab7e8a549ffa0dc2dfbff9f874be816c3f6d99edba187c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 50570
cf-polished: origSize=116384
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
cf-bgj: minify
last-modified: Sun, 25 Nov 2018 09:38:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 816b347efbab372f-FRA
expires: Sun, 15 Oct 2023 13:14:43 GMT

GET
H2 200 ffm10.js Show response
m.fanfiction.net/static/scripts/ 94 KB
34 KB 50ms
49ms Script
application/javascript 2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.fanfiction.net/static/scripts/ffm10.js?v=1.0.0

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47fa0492471e29727e969f288a122f02c8ca93f15c2232982bebd85b5b95d7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 48930
cf-polished: origSize=96309
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
cf-bgj: minify
last-modified: Sun, 25 Nov 2018 09:38:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 816b347efbac372f-FRA
expires: Sun, 15 Oct 2023 10:51:30 GMT

GET
H2 200 ff-icon-128.png
m.fanfiction.net/static/icons3/ 506 B
669 B 49ms
48ms Image
image/webp 2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.fanfiction.net/static/icons3/ff-icon-128.png

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2059adc7c98d335ae12b6e518e8478e64e7f13ae592172142a57bf32a1a7f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 747876
cf-polished: origFmt=png, origSize=604
content-disposition: inline; filename="ff-icon-128.webp"
alt-svc: h3=":443"; ma=86400
content-length: 506
x-xss-protection: 1;mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 01 Nov 2022 22:59:10 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 816b347efbad372f-FRA
expires: Sat, 16 Sep 2023 15:57:21 GMT

GET
H2 200 arrow-skip-270.png
m.fanfiction.net/static/fcons/ 328 B
557 B 34ms
34ms Image
image/webp 2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.fanfiction.net/static/fcons/arrow-skip-270.png

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77503b3d2de51df8e79e4aa5fde3ba13f14e306d98b9d464b207d4d9c63ef25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 747876
cf-polished: origFmt=png, origSize=556
content-disposition: inline; filename="arrow-skip-270.webp"
alt-svc: h3=":443"; ma=86400
content-length: 328
x-xss-protection: 1;mode=block
cf-bgj: imgq:85,h2pri
last-modified: Sun, 25 Nov 2018 09:38:08 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 816b347efbaf372f-FRA
expires: Mon, 06 Nov 2023 21:17:01 GMT

GET
H2 200 script-text.png
ff77.b-cdn.net/static/fcons/ 304 B
773 B 59ms
13ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ff77.b-cdn.net/static/fcons/script-text.png
Requested by: Host: m.fanfiction.net
URL: https://m.fanfiction.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: bdedb6c977d1ebab9fe704b48e0a93f9aebb3ea4e38a9fb9ea22c5a291515f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-570
cdn-cachedat: 07/07/2023 05:21:52
cdn-pullzone: 968964
content-length: 304
last-modified: Mon, 31 Oct 2022 20:13:50 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "63602c7e-130"
content-type: image/webp
cdn-cache: HIT
cdn-uid: 57c898b9-f898-46aa-92ae-327165cbf8fa
cache-control: public, max-age=31919000
cdn-requestid: 0e5e9569e849299c40d0dbf137fd9486
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 arrow-switch.png
ff77.b-cdn.net/static/fcons/ 472 B
942 B 59ms
13ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ff77.b-cdn.net/static/fcons/arrow-switch.png
Requested by: Host: m.fanfiction.net
URL: https://m.fanfiction.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 15909e2a4cb16552bdc4297ee7445360df3e9cfe064edf50c8304688d3b71887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-576
cdn-cachedat: 07/06/2023 22:30:57
cdn-pullzone: 968964
content-length: 472
last-modified: Mon, 31 Oct 2022 20:10:43 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "63602bc3-1d8"
content-type: image/webp
cdn-cache: HIT
cdn-uid: 57c898b9-f898-46aa-92ae-327165cbf8fa
cache-control: public, max-age=31919000
cdn-requestid: f2dda92ca9fed43eea1809e1752568f8
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 64ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: m.fanfiction.net
URL: https://m.fanfiction.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:44 GMT
Content-Encoding: gzip
Age: 898
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/6724)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H3

200

main.js Show response
m.fanfiction.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 9651
Redirect Chain

https://m.fanfiction.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://m.fanfiction.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
3 KB

15ms
15ms

Script
application/javascript

2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.fanfiction.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57b181bb834d2d9a127d5ae7fc1d58886cf48c0e5cd0b71bb0ce09a13b467c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 816b347fcea33816-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 15 Oct 2023 21:37:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 816b347fae813816-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame C795 319 KB
104 KB 9ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fm.fanfiction.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 522308
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Oct 2023 21:37:44 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
134 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8698054525611092&plah=m.fanfiction.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570560b7a13d000373eef0c9833bc37450695a3e6ebe94347be3341ad10d29a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136623
x-xss-protection: 0
server: cafe
etag: 13189058060975529436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 21:37:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame CA8D 10 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 09:30:01 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 09:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 816b347daa99372f Show response
m.fanfiction.net/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9651 0
305 B 26ms
26ms XHR
text/plain 2606:4700::6812:13f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.fanfiction.net/cdn-cgi/challenge-platform/h/g/jsd/r/816b347daa99372f

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:13f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 15 Oct 2023 21:37:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: br
server: cloudflare
cf-ray: 816b34810fbc3816-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C795 869 B
659 B 176ms
125ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fm.fanfiction.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 111
date: Sun, 15 Oct 2023 21:37:44 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 15 Oct 2023 21:37:45 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: d554de0024e891be
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
content-length: 337

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 127ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=m.fanfiction.net&callback=_gfp_s_&client=ca-pub-8698054525611092

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8698054525611092&plah=m.fanfiction.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

710a70e991d56398e7f93558fc64847c545c47015f58af3ab0c0f599eb59701f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0006 152 KB
41 KB 523ms
522ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8698054525611092&output=html&h=100&slotname=8387080366&adk=3657489682&adf=1501933924&pi=t.ma~as.8387080366&w=320&lmt=1697398227&format=320x100&url=https%3A%2F%2Fm.fanfiction.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697405864965&bpp=8&bdt=177&idt=206&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=576760321264&frm=20&pv=2&ga_vid=444966531.1697405865&ga_sid=1697405865&ga_hid=1683122424&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44805099%2C44805336%2C31078301&oid=2&pvsid=2297776431034624&tmod=1128164846&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=An3csQgMv0&p=https%3A//m.fanfiction.net&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5217d1494f12e9968654268c8f56cc85e3b6109f5d8d33dabdfdf94004d6ebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 21:37:45 GMT
expires: Sun, 15 Oct 2023 21:37:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BE7 174 KB
41 KB 857ms
856ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8698054525611092&output=html&adk=3046330955&adf=2044148826&lmt=1697398227&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.fanfiction.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697405865001&bpp=2&bdt=213&idt=200&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&nras=1&correlator=576760321264&frm=20&pv=1&ga_vid=444966531.1697405865&ga_sid=1697405865&ga_hid=1683122424&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44805099%2C44805336%2C31078301&oid=2&pvsid=2297776431034624&tmod=1128164846&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3213bf0ae16579f4374117a39a003c3bd4eedb04533ed3ca47347c75eba89beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 21:37:46 GMT
expires: Sun, 15 Oct 2023 21:37:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie_notice&cls=hv_center&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK timeline.adfe2c2389e3901ab04fe5f4755ea3e6.js Show response
platform.twitter.com/js/ 8 KB
4 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.adfe2c2389e3901ab04fe5f4755ea3e6.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 48c7db6d839d307798dae0e5f6a9b6b7a8c534575f6e587131fbeef6343bcec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:45 GMT
Content-Encoding: gzip
Age: 522306
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (frb/6724)
Etag: "d16435c9f33af1915656b8c5daa47152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 FictionPress Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 671E 321 KB
23 KB 825ms
825ms Document
text/html 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

7aba0e2c6c13c8b5df15015cb5abfca09d840967125c097f3d09343cafef98df

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 23112
content-type: text/html; charset=utf-8
date: Sun, 15 Oct 2023 21:37:45 GMT
etag: "505eb-Q6x7ce719+K6kpe/cGGMrviwnLc"
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
x-response-time: 798
x-transaction-id: 7b992563bc781923
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0006 14 KB
2 KB 81ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8698054525611092&output=html&h=100&slotname=8387080366&adk=3657489682&adf=1501933924&pi=t.ma~as.8387080366&w=320&lmt=1697398227&format=320x100&url=https%3A%2F%2Fm.fanfiction.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697405864965&bpp=8&bdt=177&idt=206&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&correlator=576760321264&frm=20&pv=2&ga_vid=444966531.1697405865&ga_sid=1697405865&ga_hid=1683122424&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=43&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44805099%2C44805336%2C31078301&oid=2&pvsid=2297776431034624&tmod=1128164846&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=An3csQgMv0&p=https%3A//m.fanfiction.net&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 21:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 21:20:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 21:37:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 0006 2 KB
973 B 62ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 0006 23 KB
9 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 0006 3 KB
1 KB 61ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 0006 20 KB
9 KB 56ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0006 187 KB
59 KB 113ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 21:37:45 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 0006 35 KB
15 KB 60ms
15ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H2 200 3836428205810490512
tpc.googlesyndication.com/simgad/ Frame 0006 5 KB
5 KB 54ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3836428205810490512?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

417222d932f02cfcd43d4751ffaeed9d88f4fd98f38cdd59b5743ec8fac3d031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:44:33 GMT
x-content-type-options: nosniff
age: 463992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4738
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 09:30:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Oct 2024 12:44:33 GMT

GET
DATA 200
OK truncated
/ Frame 0006 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2371d133cf2face007d6657ea76e84b955a17ae20dc313612a0330d1551b028c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0006 33 KB
34 KB 49ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 476907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Oct 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0006
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIV6GqVssZcuQDtLJ6gTv2Zj4ArvB2MBzlJ6f4sERZBABINWguSJglYqQgqAHoAGwp6-7AcgBCakC3vU6GeShsT6oAwHIA8sEqgTHAU_QCeueHiV65-7KequZ8RQ0w9CBmI66MhH8xwvN-AR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228662331398613391730%22,%22debug_reporting%22:true,%22destination%22:%22https://einfach-1apharma.de%22,%22event_report_wind...

0
0

78ms
48ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228662331398613391730%22,%22debug_reporting%22:true,%22destination%22:%22https://einfach-1apharma.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22392942512%22],%224%22:[%2210-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213250396477413361089%22}&andc=true

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8662331398613391730","debug_reporting":true,"destination":"https://einfach-1apharma.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["392942512"],"4":["10-15"],"6":["true"]},"priority":"500","source_event_id":"13250396477413361089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Oct 2023 21:37:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 15 Oct 2023 21:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8662331398613391730","debug_reporting":true,"destination":"https://einfach-1apharma.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["392942512"],"4":["10-15"],"6":["true"]},"priority":"500","source_event_id":"13250396477413361089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame 63DA 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 344466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:39 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 102ms
50ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 15 Oct 2023 21:37:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 157 KB
53 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03d7c27d48e30f626b427e4335c4a5a113be05599e4e30d95b7f3e1d5d09f4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54685
x-xss-protection: 0
server: cafe
etag: 17214288286074822842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 21:37:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-8698054525611092&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20231011_083425&sat=1697276233827&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.181&alldns=0.181&allp=9&fd=(0%2C5%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=n&su=m.fanfiction.net&pvc=2297776431034624&r=0.1&eid=44759837%2C44759876%2C44759927%2C44805099%2C44805336%2C31078301

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 6C40 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 10:58:41 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 10:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame B120 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.fanfiction.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 10:58:41 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 10:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK runtime-a697c5a1ae32bd7e4d42.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 4 KB
3 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: d709d1a1a12f372cbd746fb29638bbbe4e88a256998da13c8c859a7fd6a29f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2232
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/675D)
Etag: "4e8885e68df79c40c3a7aeda8d14bb81+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.20f98d7498a59035a762.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 286 KB
94 KB 17ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 95842
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6727)
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-fd9ef5eb169057cda26d.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 90 B
683 B 28ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Age: 522315
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 90
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6796)
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-88bf420a57d49e33be53.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame 671E 1 KB
1 KB 34ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 668
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6752)
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-c33f0b02841cffc3e9b4.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame 671E 13 KB
2 KB 35ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1290
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67D4)
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/ Frame 671E 1 KB
1 KB 20ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 451
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/668B)
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/ Frame 671E 76 B
669 B 20ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Age: 522315
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 76
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6760)
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ Frame 6C40 4 KB
767 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 21:09:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 21:37:46 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 6C40 15 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:55:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 6C40 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:52:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DBDB 624 B
245 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVdsCKKblkZCcfIZVDin_V4wtFgw-ckg4LvnyD9OTiuJG-PTSyV6nCPNfyXTS1tkei1MCzTIi_WFBU52TWZOLy5IiiahitspulIAPFB3b1ib1e56T8LH3oZFWTsQPkGOqzw-CRXnc0-SHabZzmVpWU2Fr05W_BKShIsPy9WQZGKR3Gre4k

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 21:37:46 GMT
expires: Sun, 15 Oct 2023 21:37:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 92CE 89 KB
31 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 21:37:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 92CE 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 92CE 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92CE 187 KB
59 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 21:37:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92CE 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Acrt2NeyuZVTYTeUHLzjEQVXiFnjQyqTIM9r_r89jpJ2SL2UBDvo-oQaF5Kbu9pjkkypNaF5G9xpdHBn5NEsSxzCHBqygST1X50S8Arrxf0aLpyeA

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92CE 0
20 B 50ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12333445640765174635&x=1&ct=77

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 4F77 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4F77 8 KB
750 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 19:52:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 21:37:46 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame 4F77 15 KB
3 KB 30ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 10:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 14:10:07 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame 4F77 372 KB
129 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 14:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132010
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 10:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 14:10:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4F77 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 23 KB
8 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 7674
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/669E)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 16.f331e94703acc65738d5.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 38 KB
12 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/16.f331e94703acc65738d5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 3effab7013cf9a1b25fc76975f042ec2caef2a7726c8de4c3de934f3de4d4adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522315
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 12161
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67BE)
Etag: "5c87233703fee60cd3de98c5812d90de+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DBDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1

43 B
771 B

24ms
23ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVdsCKKblkZCcfIZVDin_V4wtFgw-ckg4LvnyD9OTiuJG-PTSyV6nCPNfyXTS1tkei1MCzTIi_WFBU52TWZOLy5IiiahitspulIAPFB3b1ib1e56T8LH3oZFWTsQPkGOqzw-CRXnc0-SHabZzmVpWU2Fr05W_BKShIsPy9WQZGKR3Gre4k
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zyubRTBsSBcYISZCC91GvnmbjZAAC5le2qRbo%2FOnCFXYp3nBleBA0h8nRkj%2Be6BHviejUjkgDlsRzVlbbBG%2F1OtInkyvMTY48RtOiwUbGjwX%2FaXeImICCocrXy1uRsBRSSJ2algErdvZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 816b3488ce92373a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DBDB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSxbqgCghZEJ84PwEWuNGQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1

43 B
732 B

25ms
24ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVdsCKKblkZCcfIZVDin_V4wtFgw-ckg4LvnyD9OTiuJG-PTSyV6nCPNfyXTS1tkei1MCzTIi_WFBU52TWZOLy5IiiahitspulIAPFB3b1ib1e56T8LH3oZFWTsQPkGOqzw-CRXnc0-SHabZzmVpWU2Fr05W_BKShIsPy9WQZGKR3Gre4k
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqmiPoAjhfadnkUu5wYGMWimWgCiG0od5PdXAqCvpuW6rYkDhVqOg7CBWI%2BwoUb5jeFeSR6xB%2BGGWQVE2X5%2Fte5QjGMjGX9LtgYWlZKhSPjouRohkme8WoJwKoNs5b8pyy2pQAn5urm3Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 816b348e1b3a373a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP2D0CKKBDV4poyHX-_zABQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DBDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIDcZSQNogR2a4yHIHjx9TM&google_cver=1

43 B
839 B

46ms
45ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIDcZSQNogR2a4yHIHjx9TM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVdsCKKblkZCcfIZVDin_V4wtFgw-ckg4LvnyD9OTiuJG-PTSyV6nCPNfyXTS1tkei1MCzTIi_WFBU52TWZOLy5IiiahitspulIAPFB3b1ib1e56T8LH3oZFWTsQPkGOqzw-CRXnc0-SHabZzmVpWU2Fr05W_BKShIsPy9WQZGKR3Gre4k

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
an-x-request-uuid: ef5e9bfe-3426-4bf7-9dfa-853ebdd56dca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.250; 37.58.58.250; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIDcZSQNogR2a4yHIHjx9TM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBDB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk0MTI4ODM4MjE5Njk2NzQyNA%3D%3D

170 B
243 B

27ms
26ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk0MTI4ODM4MjE5Njk2NzQyNA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
an-x-request-uuid: bab72e78-56c2-4727-8bb0-040a08a1b6db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk0MTI4ODM4MjE5Njk2NzQyNA%3D%3D
x-proxy-origin: 37.58.58.250; 37.58.58.250; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92CE 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1427136714648&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92CE 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1427136714648&version=m202309260101&ct=77&x=1&cor=12333445640765174000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 92CE 16 KB
12 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMV_NjMsbEyGzPNS8gX9C9PrtQpOkQzv-MnH4K7MIpLg3JrO5oA1LDiAyH3u6Vug4iKJv-dlvaDFRBhqgtp0dDfmTl6PcgN5-cAU6Nooqm0KLexz549tS8IljtWW1qHiTTIk-KrH49b7DTleWZc1MO8gw9vvhqi_RrK9egjE1Q1igUxpc&cry=1&dbm_d=AKAmf-Cv4As-fALcMYwAn2_Np5UcQxFg44IThb4CSDu-r9yRpscUWtp0Ey95hBx2I5_2GMpg9p1iN_31z7yzgc788ibpOKeOqXZGQcaMIHTPyWZt3cwoBXCHFwTdYvIwTtI4FE04wpfIDl5l2fJSvoWa7k4YdrUHQ8brDO_waonwoE9mVLWbiKQlFHNr2OgmdAtvgTkT4MXl0HFOBemPa7L6h5R-Ik4-YVoVKoH15a5-uGA_vZuirhWYN134pNRW0zPL6t_uEI0YgbRV8JOh1Nce21LOOx8ybf8PjnMOIm6HNFFwR5XkW7phdayxoH8qIo5R-Aa_CPpB6DdgfF6dWt85y_1AbTOO46CifX_Bmx0gzqsZ_wb5ri6TCeKSJCuhAclCxl8mmx0yY6_n4kvE2RiK3l1OCr3D3zw4p6owtLTQLjHb01zz8Ttfkrv08IwLWKidAv__nDIWEFaX12hSaFTBcerUk5gJIBwjG-VhBajmX3PpjvBPIJgdz-r6voXPDvIw0GhRiIgBTXX3DWC34vGN8r9tn4i2i0-UVx2RQnMuO3HAHPZsQSN1r6kr2zEPsADf2FGZ8BTrPoyhZAi5qzkH2yoU9pB2fHGscTcWGkIMugZglmxoE8cdSLvqhI8kUfXo1pyUljA7cmRxxvXDpA_5xmef5OZs0NtlOvd4sDgWxuKKYCCeid3b0YFzUea5Qpy9svFNQO3WNZGqAgdUb6qgLfjjd1cn3kkPLcinmGQcn9yva6GrtRPOhEmtdaNOaXkrxiEKu3xgORT1EU9xKxN_JvgK4RFUOViGdBIq_aPaNBSSDaTS6GWwY34l1xUjNAMeWdgvzAWhlJ2wOlnEf0fkgm3CB4cxpRMmFtmdKExhmCMEmeDx6VF2oyiUI6tVhwYZx4gqgpT0MCvo4AnU53O3FtWzzL0sH0ltN2zVU8E_e79Bgg7NeoARoUtvu9VieBP2d0TOHsAb_GgKzy9buQpq7vqRxJv2gFynI_Z3KZ4cM8x80iIWn9SMxgSCboC8Z6LFBjS8swBnrAKQbXHyaj-SGs3j2A5f5elNw7bC0uR4iLQwBsUEakeXmZHKmjS5V5wO2kiFjpnVte53uIxLTS1r565xSJ5u4ODMUhBAdvXYHju1enRA98_e_CmSe-AoYNo8qrtK8DQrZTjji0uClpfhvAcVVJDed4bvLIGSotZszU7HcyipOutmqzTyIN0-mbVJpiTo3XEi0u-XVt_crYRlZ1e0FUfCmq4e4syB6teZBl0-kXUae-LiTM8U_TJ0cikuh1AFL3LkzNOdfP0aIr7OXb9G71IG_MC-vsOlffyoLA5mrsFY8axZjlfHorTzW06CFBcNlUa4EaKVUklNW6aXGbJgD32youShisQRVkU53Gb7ApiCzOfPWyaYdhG4F-IFNEuMy5-72wcVTAYmfiTLhT9QKkb4_vUDOwx-9xZNh_Z36d33VeNDdQjkcSFIgeQB7f7CvYCnYurZXnozSeAK898jqbWfq3daVdCZNW3a0-2jY14YtOVjvWP6En_6Fhv4bMdfaw2bY0JJq12wWaJ5-sLzGPNnktTHPwu-ocnUITYPsRSj1VO0C3ez75OmIUjenWCIe0tu_3WgJa0nZ32NznPLPcUktzk2IpDZaD6dCh0gMJlrjM0gNvUoUGOa2zXYnS5YDQRqTA6y7lIJLboJJsR7ZGDzut6BHwgl-Sa66LpAhSvFibIlM842S50p5Jc0enA6S81dru-j78ruJIa3P1xkG92skUL_h-6sV-l0DzD8E0PcdQCQVuBOv6WV826oC8qQRhWJ31qLL37QVVnaC5L6yF_LJyUdd5iQSSTkyjTcDc1cR_5RQU6EOaZCm7rGVg8l78ASiFon61gGsJJPAPQnr-RqHW-H3S4sEv-dA7H7CVHm1lRYuo6jenL7IBJ7mnmT0rhwWu6ii8AFdg4nLfTJUy4DPzkk-lMYd58GDG9V_41g9O80_H6U_28VzUN7C1zR8PET4tLqDJW0JeB2_zW38nJCenwaQSYsSoX0WAhPm8Jvo32f-Rsdc1SnbNqN5Y49wNxj_6gSpdELhZtxPc1XGwjV0Pf4_fWQ9kwXgUCaCLiplZD-34B50Wq55eK0btv9l8twhndvfAEn6oEV-2ayo5LPQfKKJU5kjAVmRWBGr6SMgKqgkoCiePetQtCq2RqN9h3QkFLrTgmaukY-yrYNsDP2rx-1zKnS6Uxp4BMfyHLjJnmRm2X46u2GdJARsYoXHKH_kpQAqeFh9YV1smhZjsy1VbRIJvKYUIt33DRjGT7pdzWhgl1HBFCjz1r-BJTcZJY89sHMxCDu__fb6u0fwf2SfDbrv0fQK2gJykKafQk_mfnWDi6PQNSPSH7LMHBfPQzvg-k5uKQrimJqwpAeoxSU7BhGHXOPCxFi5jLQrwaHomo0Bcw2gexPv0bDYKI9zUX-78fGMWDb43M2y4FJYsN66X14_x5uWmaf38MLLStWop9WZwIoQtl8OfD92_W1gX3DCAJ9RRiW2JXGOzs7fjZJJXLNGvEIx9aXnJtr1fpu5bG-J4JSrIviI-01tEbn_dl4WCHHlyoRRmImEpVxD5Vs8DrrycQW5mabWb_yKkey9jxscbT_sVOn4EeEyysVLn3KbTZgU1yUE_i7yHHmaImf3RIQp-Ss59vAPpqyB-JnKzsnxGQFcm9OK0V7v8ClkMXOozEWpTFUZiDiylgfOXvq9eFiyntDev_6Ycem3Vxx3VPJg3U4fOSHZ4i3JxtvKTCWRsqiLX3AJIDOUD7huW9oQE9rktSphZREchGHCgJZQ4069Ea4XZN0uRvTFZSukCpe1i5vkEKFC8NvN6Meo9fed3mQvj_bG7xDhBgvsn6jtaXNy_rrTO6W8Rb4Wrkrp41yxpBDMYEbj7ru9BGr3Przjzutulgh3a55SPN5r-r2qBeNL77WpVEmiuSSz5qr8hujdKG0kDA0wRxPeGkjW7CYg8nHb6ETVElETIc1zbFcBsXOFpyYsZkHKGz_aho_9LHKg_ID6KnDp9fozXRbKg8l5e0FcYXwjRAVYAUeE2Ad-4WBA9UMudvhlRtx6g5WX1RprJ6XgzSfycEVklMYfF9JKn7gMevwaUoXlqrlAr9XPKakw8ZARzKLlN1CPojRW3nLRZ1YL3KHMizRjElmc0M312RYyiRIgASgDvG_GrNjxhMs8Z7oY8lcNOJc1Gr_nbKhNrbq1dfbwzKhGpXQsaLGVA-yyC6Ka6iTuH8WtT-cnw6Yl1UPHN29j7GqVs1UfLOGJKs0PWPaMvYvW1ekhR6sIgNy-GOuvhDi3BQcS9ck3QNAXct1KD-saqHS23b_fvFBT8-JSzWij9WLOK2mQHzb6pVYE-Z6DGE45SVu2FSwYifsZMAoj6x5t7J_QceW-RU0FCgbURAhvp8rjjzfy1m3zE24PtE7fd7iFAVMoyp4ZEFD-RTQIBWF3Lvl5KGLMjwKJ7FAWuTMO3X0YFGetpV6QQt1dYmpFErh_U8JXJtwfjnJFiCar1dICrj8cBRUOhB3QPKEftZe_cem8DJtNKdm-WDQ-1eKjm-EvIjn-wOpUSfkEi0Vaxb0omhFlcapdTW3FB-SHGtoLh6a3DY26mc-djiVBHSbqfg6Zy4p7H9YQbVlUgm4U0IbZzTBSxVGjvq4cL-VYMN98Ldt-tXkI0nXwj7Z5en7xNSD32OjowKrXT60E2OZjaBooO9PgTixvzAdH2JQ2wlIzIQML3z1bKASiQ&cid=CAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fm.fanfiction.net%2F&ds=l&xdt=1&iif=1&cor=12333445640765174000&adk=1877897943&idt=45&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71c71522c09b2c7d2ca4216c1df205bd2b80d98c828f80ea65244ab0d84fb6d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.9098e7e4385bbbc1cefe.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 246 KB
77 KB 9ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.9098e7e4385bbbc1cefe.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 5a8495469faaa41a4ffd046646ab9ac451effad6b9609eb870c758ae138a4dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 77945
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6712)
Etag: "7d7fd30a3c04f91bb6e42719e657c333+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.1579d566fe7ef23f99dd.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 234 KB
63 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 9562e67b97f96f4f008179b61f9fcc006620c32307cec3ad9fe2e6d0b58378e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 63766
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67D5)
Etag: "b19ad66a33044952a2778e4e1de5b11f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.2a1457a8c568f1533384.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 163 KB
49 KB 10ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.2a1457a8c568f1533384.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 6e4c7f45987f5b5e2e4a0addcd924e736312fd3b2c42f7bcd41feb242fcf721e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 49719
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6711)
Etag: "207cde851cb385975ed7fa54f14a46d9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.623849758c2a16a878a7.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 654 KB
161 KB 12ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: a66da3004ab7904cb4abc086d932fde6720e5db5ae6acc974e48fa3b16d69ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 164147
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67C1)
Etag: "618712ac658424673c59e506a6c7d1d8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 6.902e7a204f7eea980629.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 2 KB
2 KB 11ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/6.902e7a204f7eea980629.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522314
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1276
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/674C)
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

POST
H2 204 csi
csi.gstatic.com/ Frame 4F77 0
54 B 156ms
52ms Ping
image/gif 2a00:1450:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lnrzmkpp&c=3603414762583&slotId=1801707381291.5&qqid=CMzYkM2B-YEDFRWJ7AodZwUO3A&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F77 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CFJl0qVssZYzgEpWSsgfnirjgDcTlwOhwpbbs6qkRt8i-wM88EAEg1aC5ImCVipCCoAegAYLk69ApyAEFqAMByAObBKoE7AFP0GyXHqGxg_zPHoD-qcyb6RwFkhzl-TOppZgdXUIoxdUQWF9m4NUqtgabwxuiWkJ-tub9yiud1u5AMUXtBiCrJsal3eETTG3I_OabYuANO1gOxn7hTJa3fpEsLDw2x3Xri87ZUj584WDVHO9tQi7sKRs9bQfzm3i3M1JqWkfqQRUVMIXcyewprvpRH8kWE-P9-1wDFFlkkCNvJz1I8T0FyMEJxDzFyvVOAlGUvPt5oYVplHTqeqMMGlJKzu-HLFqVf9qLCdFh0IIgjj4VkmgcqjFnVgr-XxlKg7cQXe0eyI3p4xzPmnn2xlzhGcAE-dWXhqsE4AQDiAXHwreiS5AGAaAGeYAHgpy8sASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBP435YV0BMA2BMNiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1697405866342&ai=CFJl0qVssZYzgEpWSsgfnirjgDcTlwOhwpbbs6qkRt8i-wM88EAEg1aC5ImCVipCCoAegAYLk69ApyAEFqAMByAObBKoE7AFP0GyXHqGxg_zPHoD-qcyb6RwFkhzl-TOppZgdXUIoxdUQWF9m4NUqtgabwxuiWkJ-tub9yiud1u5AMUXtBiCrJsal3eETTG3I_OabYuANO1gOxn7hTJa3fpEsLDw2x3Xri87ZUj584WDVHO9tQi7sKRs9bQfzm3i3M1JqWkfqQRUVMIXcyewprvpRH8kWE-P9-1wDFFlkkCNvJz1I8T0FyMEJxDzFyvVOAlGUvPt5oYVplHTqeqMMGlJKzu-HLFqVf9qLCdFh0IIgjj4VkmgcqjFnVgr-XxlKg7cQXe0eyI3p4xzPmnn2xlzhGcAE-dWXhqsE4AQDiAXHwreiS5AGAaAGeYAHgpy8sASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBP435YV0BMA2BMNiBQB2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4F77 0
234 B 146ms
51ms Ping
image/gif 2a00:1450:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lnrzmkpz&c=3603414762583&slotId=1801707381291.5&qqid=CMzYkM2B-YEDFRWJ7AodZwUO3A&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.vn&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4F77 25 KB
17 KB 127ms
53ms XHR
text/xml 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CGogU-5GHmDn28G6Ty9STRUjqBYJRPub96I97w8fDX-MBNEEf9px7uECa3MUeVdidCCUgkECEDHPHRVfs2NUra_R4BdQ&cry=1&dbm_d=AKAmf-Biyf8OoXc6OuwvKryBCvUjsqe_sTNZmgrZeWcfoeQ3WnjMzkrNhGQnpFvh08anQBoGiFWk8W3GO5DUulPgESmG5JL3sUzQLEsU0fqu7ZC6YGGgCV4Ng3VmQI3WX94jWG9gs469p_Dvp8XMmi53AWAw_yodR4Q9seAwSBHzLYXANXOkav7xuOREw89dHzeC8VMDuU73Et58_ulbDFKhFM4-9qtD474QtckM6QHJuVFKxETl9VZkt-8XYGQ9LTNrCtmss6VTZIQzCpkyEKXEe31Di3Uu_qSatazvan7Ea7y5dkSRgoY086dfy-7xrn4sPp0yoH_-ApG_pH_0przL79mSb6tSYvgrYlvxDDdbu2e2I6h92dh3TzpyGrYOJAhGCbpX8E_uzl0w330Fvm4V3fY8pXIHk0H_2t1E-V5kyl-Vcr3MIvtfozk2Rgp3ExcvNzRCMfs3wgIT6xpZCqUfqAoSrGGuX30s9HwbTOsQKP43C88T3gHAVaAjG_U_MxU3us-lwl8H4-8ANmPuAYw2ag315OnYojbSIzLQeBJzpbMHuxAgsPLqFm0-236aVJ6rIbNA_lqBD4MERSaldZ67vqhUFVPEMNjvJ-QwpZPbQDKaCz2-e2v3qMVD85VOuPaGuBw42bdVCQKBt76Ifnasnb8vfvdDt4p-5wCNGU9hwh9BMIiT2xXzTTVFeaXeaIfPwFfKdkJuJB-VQak-ejx4zKddBBUvCCDnKf0LBXkkncSCZbveEm5REQI8aXFR11bfqPJED7qvtWHsVq5gbWUxmO_xXunE1rJCz5EnETJmxzHn8puEOTqEqmheSBB0M5CBt8wp3do_wInwx7ZaFF2m3Zh2u-x3nJej2eP-cT_SAnAn3xpYVE7FvLsezaZZIh8VdAw8eGM3-mduGE9zSuH-ifp6y3mG0xX81z-oS0kJ3GeAI4xoapmlYlgsDBykZ_f3-cTcc4uVVhSDGhpN5OoALoB8zK6wA5DI2FhDnT_dGdRLErqgZ7EDOLTODInjBxOKyhbpdGjsueRYxsXsXUWjks6eN8D1qUpn7cL5rfaFoZHrGWxYxTl2nPfRqZ_gDNUxczuyniaBPyoJ3kVTt1Jj8ZHOAqaq1ukx6CiHDpcFH9B5BiN3Hr0NePlTE_8A0SZFw_5_5y98d7QQRPFf-nydxcT9KcS7BVaOR6Lc3QJaoYR-tlU4SUllO_oARcVVqt5Cr5tjlMGDaOpxe9RszzaraHAX4YhGqTImLWAtbR9Z7UoM2pB4k5HFAwWabJBv4iPnd_fc4q55W4aaoqhIk_pkOq4s5tXLnC9Tp_DIfv6y1eiX4txsAmxB9q2SEiRuI_XaxO-Zuzs_w7jNulEzTuBldux7Bu7XizuAawmGIM6SUCZYp9xtuvvFngK90R8CNSq-B9a-Sj0CUINiiyITnh5wXmJmV8U5-0kzrO_I-P8SLnxGQgMgoDejIz2J2JAPLma7k2wpOh4lzitL0dq03oPpPqFbu9SQ1E5g6aG1HTOT1BddFdoH44TEtDj1H15MHsZzq85t3NylnnDJfACa5-wIFY5X4R-_hnXbbs60ZS3yi2ppbqGDC2NmUb8mmszuTEH7Yh5TBL2SXYRAP9Crje4ZrvO657yBk2Bu3_Joua7L0gaymm90EilhueACIzJVqG9zYoqUXGOSH2-991JtpA73bULwO8Qdt17NEbGuPnnUznMpnYm73BZ5hsCMeN9ACsHQHTYa_uhg7cPMZRu59iQg8XiQt6yM-Mw6Lp59E1_Tdy-8WxUAcvpzK4Ist0fjBE3LW6sIwm2jhQBYBPaKQagUfWtcSuE1VHzZTH2JRyv6g6lNxHybginQ5vkWrPdrIpl1RlcT-OxUpLHuamsu-eJ30YRzaik3cmgJfvVqcVFLMoNPoa_jMDOFJBHti9Pkf1AbncT4DFOY7XuXlj-uXIY4W8_X0AJ_5QsVFmfZU_Ifbta5O5ILQNyaqS2a1HoE8leXMih6BclqFoUXxUTw-0OBF1mEFmtocOVM7O3R0f-1fPXc5IXEfNW98B9o0TQmZx62ZZOw0I9zUrbsJw_DYN6jFHbhq9N7VZRoM-am6QiyvJ98LEF6Sb6_aNd2CY-_9BJLGwpbIb4lLynosJbvH8V72vuKKv8Yxu9Cl94LUSSI63hN4r_yK3dnfy7lpw-_TKq6_wf2d2jV4Lq6hGYHzSR-e2850pHGgiO-OROZJzjtDGiC5AMnqub_ondmSOpvXAIOoehAr2F1d1z5Z89wAus6NTdVxNrKWu_U8jkIX4zHh1qIJv2rUWuy5u9lbuiJzcItKyuoix4nDvWEibgSIvKyA8UEfqxWrdW9W6wotFLRrmBNETrw5gE0LsWEdgNFVvh8GE4moBeCPwUGu-cXpHoGf0EO2RYb_Mt5xXiK1qroXzT983Uggx28-lbdc103H_BmGfzWhJ9DW3c7RQqEZd7-n9Mqm8XLDVXH00m4eA6JEO-0JjiGprI2o4YA2Wf-g6sXJ4ORypFHgM5ji4yT_K9yQyddvGuDef8GVN3BNYK96JZbobf0-Ii6A8rjW1r5N3utde229r-0OqV65T0BtdGvEDJ5xrDTkBKxTWSDj-DNY8avsmLpnSF7_kwZ5OPgJgh0xluKdqlzZLEawNXUrGHutGZ-VpecwMWwxADpTJKaSKTuVzmLPJQI5TMrcejADbUXnZRrTj86lVMoWHrCFiQVy40wiLnrdyfRDCNVKfzxftVzFGE1RwsfQsYXKLDryHR7jrDYKdRgp4K6yBmpxOpphRN6fPYpPguUJoub4XWr5dhqw9uhOtUtsZ32vhgqNgjOt1zx_5pUfIVVfJdIGamqZE2amJvITPxYUhohQFSFz0xRWzDgY60cUpaK7LK7MoDdChnfPkwnC7D0HyB5jYqP6VN4uAgUVkSHNnfs5QtBia0MMJ76Rbum7t8inM7FR6H4O8GBV1Lk-TpXjYa64a5DWxqcVX-hzEu1r2mKyUS0BhP9pRUY6TMaPchyUdsQocBxBV_nWweAcbAsqwBe3pWWuXwu6SRmjDrRckKCyKP4hp6A8L0KEJp1Sj5vEF6NOhZhzHK3_FNEVKWVxtnXTMIoO221EQjL6cu_tvIMPchAZa3D3EoEv1dC4OXCb86BRjQODdLzKqWstqjHOoza9-TBtISGic36KKFDPJBXZfTp7OP7NnEnnywrZbyMarzx-20xSVwclbtSb_TMXFytB-UqLGdX_CLj527TDRjn4KVf1FYq4x8sEwrG6-jvr0Oj6J2ZBJmf2m127H_3L09_K8ThIn_kbVg8IHZTEmOX-4lNPD0cuhPOwWUI0-SaK95Zk6ARQa3cjn5DtfhrhzV8Dn6xzr5oRwS9XyFbBWsCzVQE1VgElBvUF3sqRu6VFYuwu-kuoV9Pjteotgsy_RA0BzJowwElBxF35MQQyBWu5gVKh0NDLxHFQ8edZl-yBd1s9iJeLDdIwgrryQDWuyEym1H1cL8eyKJ2_6xE9dliEg61fFRNp5avlOeDsACDIHrOp7bVrBHtOSEeTwjDEksjns2A7dvoRP-sj1Olkx-KqSadL0BV6t1Apg0&cid=CAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

0701653e0c95bdd073234cef556e80f1d18c052cab233d114659114cd14fce81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16648
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 92CE 41 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMV_NjMsbEyGzPNS8gX9C9PrtQpOkQzv-MnH4K7MIpLg3JrO5oA1LDiAyH3u6Vug4iKJv-dlvaDFRBhqgtp0dDfmTl6PcgN5-cAU6Nooqm0KLexz549tS8IljtWW1qHiTTIk-KrH49b7DTleWZc1MO8gw9vvhqi_RrK9egjE1Q1igUxpc&cry=1&dbm_d=AKAmf-Cv4As-fALcMYwAn2_Np5UcQxFg44IThb4CSDu-r9yRpscUWtp0Ey95hBx2I5_2GMpg9p1iN_31z7yzgc788ibpOKeOqXZGQcaMIHTPyWZt3cwoBXCHFwTdYvIwTtI4FE04wpfIDl5l2fJSvoWa7k4YdrUHQ8brDO_waonwoE9mVLWbiKQlFHNr2OgmdAtvgTkT4MXl0HFOBemPa7L6h5R-Ik4-YVoVKoH15a5-uGA_vZuirhWYN134pNRW0zPL6t_uEI0YgbRV8JOh1Nce21LOOx8ybf8PjnMOIm6HNFFwR5XkW7phdayxoH8qIo5R-Aa_CPpB6DdgfF6dWt85y_1AbTOO46CifX_Bmx0gzqsZ_wb5ri6TCeKSJCuhAclCxl8mmx0yY6_n4kvE2RiK3l1OCr3D3zw4p6owtLTQLjHb01zz8Ttfkrv08IwLWKidAv__nDIWEFaX12hSaFTBcerUk5gJIBwjG-VhBajmX3PpjvBPIJgdz-r6voXPDvIw0GhRiIgBTXX3DWC34vGN8r9tn4i2i0-UVx2RQnMuO3HAHPZsQSN1r6kr2zEPsADf2FGZ8BTrPoyhZAi5qzkH2yoU9pB2fHGscTcWGkIMugZglmxoE8cdSLvqhI8kUfXo1pyUljA7cmRxxvXDpA_5xmef5OZs0NtlOvd4sDgWxuKKYCCeid3b0YFzUea5Qpy9svFNQO3WNZGqAgdUb6qgLfjjd1cn3kkPLcinmGQcn9yva6GrtRPOhEmtdaNOaXkrxiEKu3xgORT1EU9xKxN_JvgK4RFUOViGdBIq_aPaNBSSDaTS6GWwY34l1xUjNAMeWdgvzAWhlJ2wOlnEf0fkgm3CB4cxpRMmFtmdKExhmCMEmeDx6VF2oyiUI6tVhwYZx4gqgpT0MCvo4AnU53O3FtWzzL0sH0ltN2zVU8E_e79Bgg7NeoARoUtvu9VieBP2d0TOHsAb_GgKzy9buQpq7vqRxJv2gFynI_Z3KZ4cM8x80iIWn9SMxgSCboC8Z6LFBjS8swBnrAKQbXHyaj-SGs3j2A5f5elNw7bC0uR4iLQwBsUEakeXmZHKmjS5V5wO2kiFjpnVte53uIxLTS1r565xSJ5u4ODMUhBAdvXYHju1enRA98_e_CmSe-AoYNo8qrtK8DQrZTjji0uClpfhvAcVVJDed4bvLIGSotZszU7HcyipOutmqzTyIN0-mbVJpiTo3XEi0u-XVt_crYRlZ1e0FUfCmq4e4syB6teZBl0-kXUae-LiTM8U_TJ0cikuh1AFL3LkzNOdfP0aIr7OXb9G71IG_MC-vsOlffyoLA5mrsFY8axZjlfHorTzW06CFBcNlUa4EaKVUklNW6aXGbJgD32youShisQRVkU53Gb7ApiCzOfPWyaYdhG4F-IFNEuMy5-72wcVTAYmfiTLhT9QKkb4_vUDOwx-9xZNh_Z36d33VeNDdQjkcSFIgeQB7f7CvYCnYurZXnozSeAK898jqbWfq3daVdCZNW3a0-2jY14YtOVjvWP6En_6Fhv4bMdfaw2bY0JJq12wWaJ5-sLzGPNnktTHPwu-ocnUITYPsRSj1VO0C3ez75OmIUjenWCIe0tu_3WgJa0nZ32NznPLPcUktzk2IpDZaD6dCh0gMJlrjM0gNvUoUGOa2zXYnS5YDQRqTA6y7lIJLboJJsR7ZGDzut6BHwgl-Sa66LpAhSvFibIlM842S50p5Jc0enA6S81dru-j78ruJIa3P1xkG92skUL_h-6sV-l0DzD8E0PcdQCQVuBOv6WV826oC8qQRhWJ31qLL37QVVnaC5L6yF_LJyUdd5iQSSTkyjTcDc1cR_5RQU6EOaZCm7rGVg8l78ASiFon61gGsJJPAPQnr-RqHW-H3S4sEv-dA7H7CVHm1lRYuo6jenL7IBJ7mnmT0rhwWu6ii8AFdg4nLfTJUy4DPzkk-lMYd58GDG9V_41g9O80_H6U_28VzUN7C1zR8PET4tLqDJW0JeB2_zW38nJCenwaQSYsSoX0WAhPm8Jvo32f-Rsdc1SnbNqN5Y49wNxj_6gSpdELhZtxPc1XGwjV0Pf4_fWQ9kwXgUCaCLiplZD-34B50Wq55eK0btv9l8twhndvfAEn6oEV-2ayo5LPQfKKJU5kjAVmRWBGr6SMgKqgkoCiePetQtCq2RqN9h3QkFLrTgmaukY-yrYNsDP2rx-1zKnS6Uxp4BMfyHLjJnmRm2X46u2GdJARsYoXHKH_kpQAqeFh9YV1smhZjsy1VbRIJvKYUIt33DRjGT7pdzWhgl1HBFCjz1r-BJTcZJY89sHMxCDu__fb6u0fwf2SfDbrv0fQK2gJykKafQk_mfnWDi6PQNSPSH7LMHBfPQzvg-k5uKQrimJqwpAeoxSU7BhGHXOPCxFi5jLQrwaHomo0Bcw2gexPv0bDYKI9zUX-78fGMWDb43M2y4FJYsN66X14_x5uWmaf38MLLStWop9WZwIoQtl8OfD92_W1gX3DCAJ9RRiW2JXGOzs7fjZJJXLNGvEIx9aXnJtr1fpu5bG-J4JSrIviI-01tEbn_dl4WCHHlyoRRmImEpVxD5Vs8DrrycQW5mabWb_yKkey9jxscbT_sVOn4EeEyysVLn3KbTZgU1yUE_i7yHHmaImf3RIQp-Ss59vAPpqyB-JnKzsnxGQFcm9OK0V7v8ClkMXOozEWpTFUZiDiylgfOXvq9eFiyntDev_6Ycem3Vxx3VPJg3U4fOSHZ4i3JxtvKTCWRsqiLX3AJIDOUD7huW9oQE9rktSphZREchGHCgJZQ4069Ea4XZN0uRvTFZSukCpe1i5vkEKFC8NvN6Meo9fed3mQvj_bG7xDhBgvsn6jtaXNy_rrTO6W8Rb4Wrkrp41yxpBDMYEbj7ru9BGr3Przjzutulgh3a55SPN5r-r2qBeNL77WpVEmiuSSz5qr8hujdKG0kDA0wRxPeGkjW7CYg8nHb6ETVElETIc1zbFcBsXOFpyYsZkHKGz_aho_9LHKg_ID6KnDp9fozXRbKg8l5e0FcYXwjRAVYAUeE2Ad-4WBA9UMudvhlRtx6g5WX1RprJ6XgzSfycEVklMYfF9JKn7gMevwaUoXlqrlAr9XPKakw8ZARzKLlN1CPojRW3nLRZ1YL3KHMizRjElmc0M312RYyiRIgASgDvG_GrNjxhMs8Z7oY8lcNOJc1Gr_nbKhNrbq1dfbwzKhGpXQsaLGVA-yyC6Ka6iTuH8WtT-cnw6Yl1UPHN29j7GqVs1UfLOGJKs0PWPaMvYvW1ekhR6sIgNy-GOuvhDi3BQcS9ck3QNAXct1KD-saqHS23b_fvFBT8-JSzWij9WLOK2mQHzb6pVYE-Z6DGE45SVu2FSwYifsZMAoj6x5t7J_QceW-RU0FCgbURAhvp8rjjzfy1m3zE24PtE7fd7iFAVMoyp4ZEFD-RTQIBWF3Lvl5KGLMjwKJ7FAWuTMO3X0YFGetpV6QQt1dYmpFErh_U8JXJtwfjnJFiCar1dICrj8cBRUOhB3QPKEftZe_cem8DJtNKdm-WDQ-1eKjm-EvIjn-wOpUSfkEi0Vaxb0omhFlcapdTW3FB-SHGtoLh6a3DY26mc-djiVBHSbqfg6Zy4p7H9YQbVlUgm4U0IbZzTBSxVGjvq4cL-VYMN98Ldt-tXkI0nXwj7Z5en7xNSD32OjowKrXT60E2OZjaBooO9PgTixvzAdH2JQ2wlIzIQML3z1bKASiQ&cid=CAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fm.fanfiction.net%2F&ds=l&xdt=1&iif=1&cor=12333445640765174000&adk=1877897943&idt=45&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 92CE 11 KB
4 KB 61ms
13ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1697405865307213&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 5534bb870e2ac44da2e4939fe211e4c00d0d1b68eb724e45a702e0907de00246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4183
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ondemand.Dropdown.0890ced0fe3b29a4c947.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 7 KB
3 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:46 GMT
Content-Encoding: gzip
Age: 522315
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2822
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67DF)
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 270d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 3 KB
1 KB 62ms
9ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/270d.svg

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7200732666cad7e17b06c3adefa0f0aaf80e21abf925229038ece9c54fb2419f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1282
x-served-by: cache-fty21378-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
etag: "jNdygPw3QiolBZ0tbdWXlw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: d06fe94ae7e9c5ae
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:55:34 GMT

GET
H2 200 1f9ef.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
981 B 56ms
11ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f9ef.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f33d8bb5c5dc671fe0952adf9047dffafa2d7ff3ecb4aeeb75cddd4a0c9cd622

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 820
x-served-by: cache-fty21347-FTY, cache-fra-eddf8230058-FRA
last-modified: Mon, 04 Jun 2018 23:15:26 GMT
etag: "d63lRnhrUiwfVsV+dNSxsA=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 75ca7641c15397dc
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 12 Sep 2024 08:15:42 GMT

GET
H2 200 1f400.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 1 KB
1 KB 56ms
11ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f400.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8bfbece3bc1d503247a8f7ba2ea9539534998fdc196b1aab974eef66a1f97a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 779
x-served-by: cache-fty21336-FTY, cache-fra-eddf8230058-FRA
last-modified: Thu, 16 Apr 2020 17:05:37 GMT
etag: "82tm4vgC3J9D2LT6GMCEqg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: b1e4a3cefe746f87
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:32:24 GMT

GET
H2 200 1f9d0.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 54ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f9d0.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0805fa46a5ed3f4da936ef86d38dc7124827e4e926d00d429cbe87a5ea7c361e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 828
x-served-by: cache-fty21328-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:32:23 GMT
etag: "7OYoNUSnA/FYtJdQeq47Yg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: dca5a4ed8bfd43da
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:49:38 GMT

GET
H2 200 1f477.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 3 KB
1 KB 58ms
13ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f477.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0962a36a56e23bee72d08a0758b91e84d16fef596181e03e4fb9c3002806065b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1216
x-served-by: cache-fty13729-FTY, cache-fra-eddf8230058-FRA
last-modified: Thu, 31 Oct 2019 20:40:52 GMT
etag: "h/xFh/KJntnzivhNhXLesw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: b25cf8dc0ec039e4
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 07 Sep 2024 02:36:30 GMT

GET
H2 200 1f477-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 55ms
10ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f477-200d-2642-fe0f.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3441f20163e5dd98803301d480b870d7aaeecfe841f9bee670efd11009d9f8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1136
x-served-by: cache-fty21354-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:31:02 GMT
etag: "jPkRvog1fQfjD7kzDaqjkQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 73670ac55b89e32e
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 21 Aug 2024 09:08:54 GMT

GET
H2 200 1f449.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 563 B
533 B 8ms
7ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f449.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 372
x-served-by: cache-fty21325-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
etag: "Ay2Qf/SaY+B1fK3V82qyFg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: fe76c0c9e4c647c5
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:33:15 GMT

GET
H2 200 1f916.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 9ms
9ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f916.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20e5f9466f9c909d9cdf67a83af252df198ba686c57cfc0271afab9d48cee699

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 684
x-served-by: cache-fty21344-FTY, cache-fra-eddf8230058-FRA
last-modified: Fri, 10 Aug 2018 17:45:20 GMT
etag: "tn5lwqsEKNp4bB9T6/1CQw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: cb8af6f6434ce01b
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:46:03 GMT

GET
H2 200 1f9d1-200d-1f527.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 9ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f9d1-200d-1f527.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55ff4a43d26f59582712ca76517e44b004b076f587d90128e326a6edfbdc27b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1107
x-served-by: cache-fty21328-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 22 Jan 2020 23:14:21 GMT
etag: "5NgDw7sPilyOLTe2v6ehwQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 33786ebd9b32b786
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 25 Sep 2024 08:58:33 GMT

GET
H/1.1 200
OK vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js Show response
platform.twitter.com/_next/static/chunks/ Frame 671E 148 KB
42 KB 9ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:47 GMT
Content-Encoding: gzip
Age: 522315
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 41941
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67E2)
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 like.4.json Show response
abs.twimg.com/sticky/animations/ Frame 671E 24 KB
2 KB 43ms
10ms Fetch
application/json 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.twimg.com/sticky/animations/like.4.json

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frb/6740) /

Resource Hash

4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 5546165
x-ton-expected-size: 24292
x-cache: HIT
content-length: 1897
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
server: ECAcc (frb/6740)
etag: "YKYmOkwIx9KztN7bQT7x8g=="
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-transaction-id: 80afab27525733bc
perf: 7626143928
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 14 Oct 2024 21:37:47 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 671E 43 B
150 B 126ms
125ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697405867428%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fm.fanfiction.net%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AFictionPress%22%7D&session_id=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 109
date: Sun, 15 Oct 2023 21:37:46 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 15 Oct 2023 21:37:47 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: b119f8ed0a754552
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 4F77 0
54 B 51ms
51ms Ping
image/gif 2a00:1450:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lnrzmkq8&c=3603414762583&slotId=1801707381291.5&qqid=CMzYkM2B-YEDFRWJ7AodZwUO3A&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame 4F77 17 KB
4 KB 134ms
72ms XHR
text/xml 172.64.151.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=1828362&cmp=189093&sid=18330&plc=6688641&adsrv=29&blk=1&aubndl=&turl=https://m.fanfiction.net/&auxch=1&pltfrm=1&ausite=18408242429&autt=4&ppid=103&prr=1&auevent=ABAjH0jfQD_O9mBflr9U-8_g6AmY&c1=3060631&auorder=1012742112&aulitem=20204872007&aucrtv=495654974&aufilter1=3060631&audeal=&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F189093%3B6688641%3B208%3Bxml%3BDV360%3BDV360FY23StockBEHCustomIntentDEDSKVID1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=7&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 447a4ffbc324aaa746b160c837a137c902d0d01d54da0bb4cae019a13e332ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:47 GMT
content-encoding: br
server: cloudflare
vary: origin, Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: https://vpaid.doubleverify.com
link: <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://servedby.flashtalking.com>; rel=preconnect, <https://d9.flashtalking.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad-events.flashtalking.com>; rel=preconnect, <https://rtb0.doubleverify.com>; rel=preconnect, <https://tps.doubleverify.com>; rel=preconnect
alt-svc: h3=":443"; ma=86400
cf-ray: 816b34908913382e-FRA

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0006 42 B
64 B 79ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspWWyzFR4IxqaqPwVZOqY5tezyFA1-FJuB6eN2riirtgXIIzBsFSY1jkACOcACSTlT_U-9TlWrSZoZsnR-GXrCTwQYII34VfZjCWPBJrQSpyCrwkEtXv9E9VdpOGFjR96g8NbstD3wLCVuOx0WHyOV7UE0Dl0U07z1x5HBzG-anafvLE2lnoZGy-NzUF8X3Uv-MK2Pev0_ctgBHanrJcgwCNW_aeIV7Jr6MA8hqE0GTRbePj5SFkleVVSBRCwcL5G8LETdw3_-iItBvTLHu_Kjeq7sJyL6vdGo3LeQFwzVHzKKYnfXFVuM-S8liawj-vnRM8V7mNZJ9KNjvVe2P1X0JweSeSanTLHlbS9_XxQgkLFhU40RZ5YXY4WK2DZsPvclgs72AJyQ5srOlVThajQvZvTo0hU3YIqiYbRVtAwCenXAxTpN_QM4ZuSutslGifcTAU1yy3I7leGlWgXaZ45TC-LJzuXwUkeqSLpI2kuwnDdC78pD1wAHny56-I9JySe8gcu4Jy24vDhTFoBh4jtXlq3IHztLxwHIdl1eUoafFOCOu_c0gA2-bcZxTxfosh8K6wotCuR3jwqM83tD0jUogU8_aQPptlRlbfi1ZkNT2oCwwGrWD43xXAgLwQsmBQ9n0o7K8hSlbQK3yLbbszrqA60EMqz-Mx_pS0wXOZsj2jbEqYsqmEuQrQDakqrRMdi2qUrGQEorffcxj4euDRdFahEn5jv5OkaOTGSelhx_C2rkkCqYxJep-gb3lxvkRfwlGCIUjMa1k24uTXZe1HVVYLMN91nY9xsTk6mbgZmYsv3u2DDv0qwv0bNf9YMOqCFp4rHPQyloMk7GAIDR8mFc7HNAXdQglMcBSFuUb5BXfGdVOmtj3LBpfOoXCMgM5IdpmOj0yo9cVmqsLjXdXvbCoEOFPmRhhQxdi4rEraqSWljpa4eV5tbmYbv_vIvneYnuZI8M2MZ8lbNP4ND_WIoGdSVRAs1E_dSuiMvZUXm97EEjoPx8yWnY-yrL8D7EuWbH6uVjwwhhUJnAvSgmDGrlILQQQ6P4dT96qoEcu4Xq8rJNnQMWfSwgZypOz9CTiNYI_n-OygYEAL-XRPWa0RstcXXuHE_oxm2o&sai=AMfl-YR5fyvieSu3cRQ_SCQ5BCA_-9NKG6sI93xX9iInlveJvWmpxzyrZ6azyzVnYAvhm0LEMRegL3TQEd1IMad4fmvwYzLJTdTbdcpjHxEHgCFETZ3xT5XsNTDpeCIxS4pLNtY8hOT-QSsyfMxoqtN1QYUhy5LrF6X8Gw&sig=Cg0ArKJSzC0By8QURAe5EAE&cid=CAQSSwDICaaNdLaXJNIq3lImUfUc4cXc00ppC8JFSppIXl1Z_ir3u5AxtzHmUJLJeICwNWjShX3N6alM1p53g9MxbMDHqVvF112GdrhVnhgB&id=lidar2&mcvt=1633&p=0,0,100,320&mtos=1633,1633,1633,1633,1633&tos=1633,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3657489682&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697405865187&rpt=725&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WXbuqyjo_normal.jpg
pbs.twimg.com/profile_images/843841615122784256/ Frame 671E 2 KB
2 KB 72ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/843841615122784256/WXbuqyjo_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

574ed70e9c532d55cd6cbab7c9c16ca81be12c9776ed08325750e793fa893051

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:47 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 544740
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2035
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/9 profile_images/843841615122784256
last-modified: Mon, 20 Mar 2017 15:06:13 GMT
server: ECS (frb/668C)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 786d8f2dfdcfbd7d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 18785150734b3a4381e95f8c40801873f006b2c5979c521dd8dc601ff933e16d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 WXbuqyjo_mini.jpg
pbs.twimg.com/profile_images/843841615122784256/ Frame 671E 1 KB
2 KB 30ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/843841615122784256/WXbuqyjo_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

03e5ff0b7904715daedf556de67c7a09910c63137032eed525329ccbfeaab758

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:47 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 565880
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1514
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/9 profile_images/843841615122784256
last-modified: Mon, 20 Mar 2017 15:06:13 GMT
server: ECS (frb/6772)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 15fe4ae26d7f072e
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 527c3406537f55cad4c3690993c0a35264cce8640d15a412b600309bfdc5bdcb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 92CE
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

116ms
90ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cf0ec40142f44e8db92b5992581733f87f6b0f9cb89b90dd92fed5fdc732b444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Oct 2023 21:37:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 11526600108618904444550012478007
Connection: close
Content-Length: 1339
Expires: Sun, 15 Oct 2023 22:37:47 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 15 Oct 2023 21:37:47 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 15 Oct 2023 22:37:47 +0200

POST
H3 204 csi
csi.gstatic.com/ Frame 4F77 0
17 B 51ms
50ms Ping
image/gif 2a00:1450:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lnrzmlne&c=3603414762583&slotId=1801707381291.5&qqid=CMzYkM2B-YEDFRWJ7AodZwUO3A&fb=outstream-lima&vmfc=7&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&ccc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F77 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Oct 2024 22:32:49 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 4F77 7 KB
7 KB 97ms
12ms Image
image/png 104.119.108.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by: Host: m.fanfiction.net
URL: https://m.fanfiction.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-55.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:47 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
Content-Type: image/png
X-Varnish: 257214694 257303549
Cache-Control: max-age=787
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281
Expires: Sun, 15 Oct 2023 21:50:54 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5AEF 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 334276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 00:46:31 GMT
expires: Fri, 11 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content FY22Q4_Stock_Stock_Stock_DE_DE_WorldOfStockNature15s_VID_1920_1080_25000_3000.mp4
cdn.flashtalking.com/165457/ Frame 4F77 22 MB
0 77ms
13ms Media
video/mp4 104.119.108.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/165457/FY22Q4_Stock_Stock_Stock_DE_DE_WorldOfStockNature15s_VID_1920_1080_25000_3000.mp4
Requested by: Host: m.fanfiction.net
URL: https://m.fanfiction.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-55.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 15 Oct 2023 21:37:47 GMT
Last-Modified: Thu, 31 Aug 2023 17:37:58 GMT
Server: Flashtalking (AKA)
ETag: "162aeec25cc334136e72d84027c842b3"
Content-Type: video/mp4
X-Varnish: 274159451
Content-Range: bytes 0-46735131/46735132
Cache-Control: max-age=2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46735132
Expires: Sun, 15 Oct 2023 21:37:49 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 33F8 23 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 575934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 05:38:54 GMT
expires: Tue, 08 Oct 2024 05:38:54 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 9E84 0
466 B 399ms
339ms Document
application/javascript 145.239.193.130

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 15 Oct 2023 21:37:48 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: 253A3AFA:E2AC_91EFC182:01BB_652C5BAC_11B8176:19773

GET
H2 200 / Show response
adv.office-partner.de/ Frame 7542 930 B
931 B 53ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 15 Oct 2023 21:37:48 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 22 Oct 2023 21:37:48 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame C533
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=11526600108618904444550012478007&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3199324476

350 B
401 B

60ms
17ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3199324476
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 15 Oct 2023 21:37:48 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3199324476
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 92CE 2 KB
2 KB 178ms
86ms Script
text/html 3.9.163.207

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=11526600108618904444550012478007&nw=1
Requested by: Host: m.fanfiction.net
URL: https://m.fanfiction.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.163.207 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 5499d9368e810f3720f0e886b7a3e6ccc27eaf075fc37cf6659420c2e8235d5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:48 GMT
last-modified: Sun, 15 Oct 2023 21:37:48 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 15 Oct 2023 21:38:48 GMT

GET
H2

200

activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387 Show response
8019191.fls.doubleclick.net/ Frame A697
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387?

391 B
327 B

59ms
58ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387?

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

bd78a5f1c76ddbbd25e83666c5baf0a3bf6b46fee0249e8c7778e154b536180c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 21:37:48 GMT
expires: Sun, 15 Oct 2023 21:37:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 21:37:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame DE31 7 KB
2 KB 36ms
12ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=86a12667b9&subid=&uid=28da12a205f516a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuciHqVssZY3gEpWSsgfnirjgDablvaBphZWcp8kP8C4QASDVoLkiYJWKkIKgB8gBCakC3vU6GeShsT6oAwHIA5sEqgTmAU_QxUsqp9qmKk5569EhmJ1JGRFXlZd9avcHNDW39i558nlfDZEZwYzxmml5ddZtvQhnH4NdoKKAmwsOTeNq0vqbqhALrzTYZVD7WcQyIu_j2_1IS5ptIkVu6q-sKHqZr2LbXbW9z9sC4PNQU95IOy-moOz0ypJMf6zetKxuFvoP76nAlGr67IttU74LnQBZzPe8hQcZ844ZYhE48hMzCVHMIBniRalsgM1Fhov-foDVlXGSulz6G9j77hJqzCTrtcWJugsbJYGHhhF9GFJqMGvmRu1xhlvRDbIE-D6AzQCeIQOpPrbvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIzdiQzYH5gQMVFYnsCh1nBQ7cEAEYASAAEgLuS_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaN3RADgeJrQ5p6XoyCsWGCpk7pSKwBJ1wkBSL6zKL0g9K481ui481KNOkExI569wUV0_a5ysZtxGkdgDHouXz0mhCREPfDxRgB%26sig%3DAOD64_1zbOF5TZF1_bTStjGkMMF1zfsJqQ%26client%3Dca-pub-8698054525611092%26dbm_c%3DAKAmf-A1E6hucqbICubO_veo57G8LBW0q1CuzcvRMxIBOOKByHCg2NxmKI3XWZmaqmuHjhhdseFLCDeBL8kfnN7rlwdfqL3RzVrZFYpvzTFkDRVHkUBP1pxGZH3XFlJEPIVFnSQKqF8jGD5vUA4fbzlKnTvENCvKunKGOhiC04a-AsEi71udQQ4%26cry%3D1%26dbm_d%3DAKAmf-AFrHNkRvO2OyPCPO_OElwQ8JuI7PwLlHRloMyugRrtwzTR3MA8voR4mV9sZ-xLhbSnGFJxnRaSmk2IoKVf0ORgeNJKBDjWGZwom917ff9TJJMjmHL4HzZzuiFyIxEaBA4vjko-C1QIP826RgWSSHf7m21nl99TAq4BbLqWWgmkQgTW4HmnR0Fnb-nvgi-7G9ybelgeGUhVqFs7hB53Gxk8miTIxBp_ic7lL4D06uaW30HUBBOB4x7XZcf2MIFGZThKl1cNv4lOi_IftKZbQAJkDvhqEgbRcwtxy_TRVlE_TC-XNXQEwFdWhRBTUjWnY9oge2iduNEh3-HQXeAvd13cgwYFt13-HxKBrAIRdDdH3DZO2PwUDq-3oItpYb09AldQVesR1n_p93hRGag_hVypfBz5-13i1E4cqTLU13pvS05Yduwv9qLHjXA4tc02BmUK1QB_ca6s07-Ez-LDijPYZ3He0lEySRsYmZ-mu0EcXAfEViyx-IlGdmy1lav-bTv_v_4YubhPLf7ckL7wH5iHlnChvUP0xa-9SeD0NeldiyM-UMw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D3046330952%26client%3Dca-pub-8698054525611092%26fa%3D2%26ifi%3D4%26uci%3Da!4%26xpc%3DfBR6fjEsD6%26p%3Dhttps%253A%2F%2Fm.fanfiction.net&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.fanfiction.net&random=7701372294184&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4888fc21dc1f5c0e07cc1c39882b9e7321581034947e780927240e7f0b2cc222

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2078
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Oct 2023 21:37:48 GMT
Expires: Sun, 15 Oct 2023 22:37:48 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 92CE
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
482 B

353ms
293ms

Image
image/gif

145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:48 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 253A3AFA:E438_91EFC182:01BB_652C5BAC_119E964:1193C
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11526600108618904444550012478007&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 15 Oct 2023 21:37:48 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H3 200 e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AEF 37 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e-zfyE2pbDTyYQrCQWWBVQC0FJ7OV3Fqk4CSA41GVMg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 344469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DE31 2 KB
434 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Oct 2023 21:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 21:01:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Oct 2023 21:37:48 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DE31 10 KB
10 KB 44ms
15ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: a0e063fbe69050931cd44811e6380e6f96ef1504384c2ea1ce507869345ccf2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9891
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DE31 9 KB
9 KB 45ms
15ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 8cb75ce567efb81337a89f4cad57751226540ae87c912c08216238cebad5055a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DE31 7 KB
8 KB 142ms
116ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Toenisvorst, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: b03352ab1daa605212f3d1e63385acbbb4348ced8cf96bb0984ca34654e00ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7633
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 270d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 3 KB
1 KB 8ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/270d.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7200732666cad7e17b06c3adefa0f0aaf80e21abf925229038ece9c54fb2419f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:48 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1282
x-served-by: cache-fty21378-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
etag: "jNdygPw3QiolBZ0tbdWXlw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: d06fe94ae7e9c5ae
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:55:34 GMT

GET
H2 200 1f9ef.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1004 B 19ms
18ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f9ef.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f33d8bb5c5dc671fe0952adf9047dffafa2d7ff3ecb4aeeb75cddd4a0c9cd622

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 820
x-served-by: cache-fty21347-FTY, cache-fra-eddf8230058-FRA
last-modified: Mon, 04 Jun 2018 23:15:26 GMT
etag: "d63lRnhrUiwfVsV+dNSxsA=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 75ca7641c15397dc
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 12 Sep 2024 08:15:42 GMT

GET
H2 200 1f400.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 1 KB
940 B 20ms
19ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f400.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8bfbece3bc1d503247a8f7ba2ea9539534998fdc196b1aab974eef66a1f97a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 779
x-served-by: cache-fty21336-FTY, cache-fra-eddf8230058-FRA
last-modified: Thu, 16 Apr 2020 17:05:37 GMT
etag: "82tm4vgC3J9D2LT6GMCEqg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: b1e4a3cefe746f87
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:32:24 GMT

GET
H2 200 1f9d0.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 20ms
19ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f9d0.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0805fa46a5ed3f4da936ef86d38dc7124827e4e926d00d429cbe87a5ea7c361e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 828
x-served-by: cache-fty21328-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:32:23 GMT
etag: "7OYoNUSnA/FYtJdQeq47Yg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: dca5a4ed8bfd43da
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:49:38 GMT

GET
H2 200 1f477.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 3 KB
1 KB 8ms
7ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f477.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0962a36a56e23bee72d08a0758b91e84d16fef596181e03e4fb9c3002806065b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1216
x-served-by: cache-fty13729-FTY, cache-fra-eddf8230058-FRA
last-modified: Thu, 31 Oct 2019 20:40:52 GMT
etag: "h/xFh/KJntnzivhNhXLesw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: b25cf8dc0ec039e4
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 07 Sep 2024 02:36:30 GMT

GET
H2 200 1f477-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 8ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f477-200d-2642-fe0f.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3441f20163e5dd98803301d480b870d7aaeecfe841f9bee670efd11009d9f8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1136
x-served-by: cache-fty21354-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:31:02 GMT
etag: "jPkRvog1fQfjD7kzDaqjkQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 73670ac55b89e32e
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 21 Aug 2024 09:08:54 GMT

GET
H2 200 1f449.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 563 B
533 B 8ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f449.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 372
x-served-by: cache-fty21325-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
etag: "Ay2Qf/SaY+B1fK3V82qyFg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: fe76c0c9e4c647c5
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:33:15 GMT

GET
H2 200 1f916.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 7ms
7ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f916.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20e5f9466f9c909d9cdf67a83af252df198ba686c57cfc0271afab9d48cee699

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 684
x-served-by: cache-fty21344-FTY, cache-fra-eddf8230058-FRA
last-modified: Fri, 10 Aug 2018 17:45:20 GMT
etag: "tn5lwqsEKNp4bB9T6/1CQw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: cb8af6f6434ce01b
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:46:03 GMT

GET
H2 200 1f9d1-200d-1f527.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 671E 2 KB
1 KB 8ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f9d1-200d-1f527.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55ff4a43d26f59582712ca76517e44b004b076f587d90128e326a6edfbdc27b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 15 Oct 2023 21:37:49 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1107
x-served-by: cache-fty21328-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 22 Jan 2020 23:14:21 GMT
etag: "5NgDw7sPilyOLTe2v6ehwQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 33786ebd9b32b786
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 25 Sep 2024 08:58:33 GMT

GET
H2 200 WXbuqyjo_normal.jpg
pbs.twimg.com/profile_images/843841615122784256/ Frame 671E 2 KB
2 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/843841615122784256/WXbuqyjo_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

574ed70e9c532d55cd6cbab7c9c16ca81be12c9776ed08325750e793fa893051

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:49 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 544742
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2035
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/9 profile_images/843841615122784256
last-modified: Mon, 20 Mar 2017 15:06:13 GMT
server: ECS (frb/668C)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 786d8f2dfdcfbd7d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 18785150734b3a4381e95f8c40801873f006b2c5979c521dd8dc601ff933e16d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jot
syndication.twitter.com/i/ Frame 671E 43 B
142 B 118ms
118ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697405869579%2C%22event_namespace%22%3A%7B%22action%22%3A%22seen%22%2C%22client%22%3A%22tfw%22%2C%22component%22%3A%22privacy-notice%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fm.fanfiction.net%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AFictionPress%22%7D&session_id=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 15 Oct 2023 21:37:49 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 15 Oct 2023 21:37:49 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 2a3b5b6d4fb5017f
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
content-length: 43

GET
H2 200 jot
syndication.twitter.com/i/ Frame 671E 43 B
96 B 574ms
574ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697405869582%2C%22event_namespace%22%3A%7B%22action%22%3A%22seen%22%2C%22client%22%3A%22tfw%22%2C%22component%22%3A%22privacy-notice%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fm.fanfiction.net%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AFictionPress%22%7D&session_id=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 107
date: Sun, 15 Oct 2023 21:37:49 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 15 Oct 2023 21:37:49 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 4d853cf4e6e4a8cb
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
content-length: 43

GET
H2 200 jot
syndication.twitter.com/i/ Frame 671E 43 B
96 B 575ms
575ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697405869591%2C%22event_namespace%22%3A%7B%22action%22%3A%22seen%22%2C%22client%22%3A%22tfw%22%2C%22component%22%3A%22privacy-notice%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fm.fanfiction.net%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AFictionPress%22%7D&session_id=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 112
date: Sun, 15 Oct 2023 21:37:49 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 15 Oct 2023 21:37:49 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 46cfa6fdc4b1b4ce
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
content-length: 43

GET
H2 200 jot
syndication.twitter.com/i/ Frame 671E 43 B
115 B 292ms
292ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697405869594%2C%22event_namespace%22%3A%7B%22action%22%3A%22impression%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fm.fanfiction.net%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AFictionPress%22%7D&session_id=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b

Requested by

Host: m.fanfiction.net
URL: https://m.fanfiction.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/FictionPress?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&origin=https%3A%2F%2Fm.fanfiction.net%2F&sessionId=2f5caa2cc78820a9e77bf7c6f8e5ac61ea0f037b&showHeader=true&showReplies=false&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 111
date: Sun, 15 Oct 2023 21:37:49 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 15 Oct 2023 21:37:50 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: ee0a696747ef972c
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d6137991b8528053541a615304597627ad5b43232a18c9dc67f1657d40b04ae0
content-length: 43

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame C533 5 KB
5 KB 170ms
169ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3199324476
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:50 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7542 173 KB
62 KB 217ms
30ms Script
application/javascript 2a00:1450:4001:806::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26b672dd7b102cfdd9f04ed2c9b8aa8ce08a92fa0c077cf1a7c75adc846786d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63266
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 Oct 2023 21:37:50 GMT

GET
H2 200 dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387
adservice.google.com/ddm/fls/z/ Frame A697 42 B
401 B 233ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMHW0c6B-YEDFRNZkQUdmiYGRw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=649401531962.9387?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 4F77 0
17 B 185ms
184ms Ping
image/gif 2a00:1450:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lnrzmlty&c=3603414762583&slotId=1801707381291.5&qqid=CMzYkM2B-YEDFRWJ7AodZwUO3A&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&hcn=0&met.4=arp_a_e.1zi~atrd.1zt&ua_e=1&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response
pagead2.googlesyndication.com/bg/ Frame 33F8 37 KB
14 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 344374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:58:16 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame DE31 0
150 B 112ms
13ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=11526600108618904444550012478007&a=18a27021&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=11526600108618904444550012478007&a=b25dcea2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 21:37:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 92CE 52 KB
18 KB 169ms
19ms Script
text/javascript 18.65.39.98

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=11526600108618904444550012478007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 05:12:00 GMT
content-encoding: gzip
via: 1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 59152
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 7gRE9NUV6_0-vQDwkUea4qBkhyc01BN_4ICMseLv4qeBMnRVtA3uRw==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 92CE 3 KB
3 KB 163ms
14ms Image
image/png 99.86.4.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697406168&Signature=HqPyQ9QtShE5iDronEqZRjqEmDXnnwoLEutzsv9YLk0GYsGlog11qu-wylTkrCzl3JdYYKgS4Q93GiqLM93kXpkabEeroZEhzwJmPy37DD94lqGCYD6KeQhuTvd4KcEUC7Xe49NjDalpzai9TIx1-MVbfmFRlly3spNSm9IsSm9ttCV7albRV10rSKMGtHMrAb8umYXTX4CPNo3ZiuMPUo3o4B1bkaiJC3Ubc970YpsWKBxA4XkAlmcN7L9fKTr1auoxBvlkYjZmWhdfCTal39MF181omES9TwaeWGKwW401lbm3rkegmCxHXOzc2pfCsPfH~Z0wU6uSpHblP8gqeg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 15 Oct 2023 06:29:56 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 54475
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: kilmaJNlPvEnmJNm34vvYKpAet2NKg_k7S4055a0jAB5MuzYTnSb3Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 7542 271 KB
90 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:806::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

797180a6fc9cc1795db969d9dcd3960e840a52ebd7dd384b45deb849bfbbd399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 15 Oct 2023 21:37:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEF 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bg2K3qlssZZnFE4OXjuwPh4CiuAkAAAAAOAHgBAI&bg=!ycqlyoXNAAZy-tsgUvo7ADQBe5WfOB9k0Ku4RFCImFMVFOiwO-PhEQ1XMhazJNSKi-MoC3RV8RLGYRD7JZBmqOCzkYENAgAAAKJSAAAAB2gBB5kDRU7DJY2pkd9gNTaQjp_VqDUdKMXT5ZV_TECsj-h7dBmPzNBIyL9ENDX8axk32403biWosysJsQ1nQ-8cE5gdLwpn_bU8re4Np6ij8qCCWFGdtmBJc158CUkb_2yNVbO_6ZdpY67WnPrPjrWGZl5IIXpR3Jvkfcdl0jbobJYoWRrRwYRWFlnBYKCDz-LSem2H9J23OVZqXiaXl9yqR7rNQjzaHqpHwjfWQ8EbodF-WQRU2iwS3IlMXhB9Rttxm_AedQHRC4Igc5ef44tDzWyOrVHCPIvHoDN9vRkTlDRdU9ANzQIG2Qpb6y-4GQzSk2nFUrJOuqXgV0iUHahvbhKqjAU-N9jesPAMr8Ep62sCfTuy3XeVUX0c7zO3FpUcYYb7XWXqPhkHYfl3y9xwqi6Hkmo3Y4Nx-TwomtnIcFGPPhoSyCs9I2tZEw4HvvKBi1u1zYNBq4VMZDNHF6qHbIKRg690X6YHsaj2G_hjKnLHo5e0xIktK4PYXS9CnmHbPpQqNivxPkUwqM87W54c0bosPBKqzY3ZkoQbUULFTHcepp66b3IDC7diC0meiqJAEDPehxBYrPVjDZtJe3wA-Xgcj5jPMpevkBtvXWOzqDUOmY1wZNVS1eMpVde7WAWgTFlSOHlARGVLDK5_fkDENdf8xr5IDIICBfM9LLGOgrfNDUAmnowuVc2bMRJ26eC0eN462bxdyZyixzNECZ6VREyUKm3Ct4CU5K0tf-S2oWQB-r0dd0cZgglXHs2Vjqkf2KxxoiEDXrZT300EDmZWL6JfM0-sMZxNCZN4-oBwoXAp1lzxdh5PCjTrPKKMUjIhedNaGZrTcac-MmJsTK7SvkL1hrmrilvy7937cumjk_4rX1junR9N5BShnKtkfsFBtjgqiSZK9OpUGBvG7QESSz4UFA9fbS-b_G89Q2P1eQXWcasIKtGrfU87S03n3q0UwxTC6SzM4v748bm23XwP1L6XcBYrh_TJYi8Y5WbcY-bUXfCtlJd5mSd0t0bBiCxDIP3gEcZgVoB5HhznDClW7yxBuuhWIYOueabqzRVif6wd2d7EwwzqfqY1yFx_2YmaXrlAXd_y51IaXpuliy5LY-YcaM8dNM2czQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
64ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e1e49b25314fe7bd8af54641e7cdcbf04d8cff54e1194bf80877026a2115e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12228
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33F8 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLCU4qlssZbuQG7qnhcIP1Zqn8A4AAAAAOAHgBAI&bg=!h4SlhMvNAAZy-tsgUvo7ADQBe5WfOELem78ktPQRVUVwPeZMyfvOJTz0Dj6WeR74WLwn9sTZJ1Ai-18EZC2NQqfeuUneAgAAAJxSAAAABmgBB5kDRWepL97nqOnFi3eljAdLE4o6fYsbB5EHXdseyMtsnP51dn-2EHZs1FKvFUQRDd--Je7C5qiSDZJMlK8pTCCY4jZjelbkzCei1OipP-CetvUg5vGSzwhZk2BJjZVJ9rxTEZov54JwfzjuAz5tWMUjng8Il_3Tpx5FrE2F6jGVg_ktHdQgb2Q9W6S1aY9W_20bBwJiOamc-UoMv2Po4skByaCjqRUo67gFw3e8zwS39KK-crOynavUAUG9Ie1DLMDv90bv5iiBvEIrmDV8pd0bnhUtuivh9nkqElMD833Bt9TwyDRL_rnXJlBm1z6aucdZqhi7_BDldX9JoG1t3tqY2z7yox4bMeoFXPXjqoCPUatXegbdH8O8mhvKYEZMuu7fCCdNNQ7CFSYnc-bPTtg00svCoM40KxMwHBDK_xhItWxis-dfoV7IKUxyG-d-iP76WpZXmEc-DUT3CrqDed4f97VxQk-hTkjs3_cW4W4dcTMmZzIbrung_1HnCnmUTUe9GW-wKrdOl8uov50pPEswA2LsJgIiTiDb-P3fYbREtsLKUuMctqGvjRYj4J2ccK1tCsH9fR2ffwLSRPCmMr1laXvo7LvcAz5liQnD31UcsM08JyGLvor5sj1yV7HGt_tGzX4jjLnqOrit7_Je0qQY70kUiIPf3WmpjcQ_C3jrhhccGzhy5EPfv8HO4yO974aEQB0Si3EqGTKruIOH-MIoMSEkL9UXLhlJn7l4680udQaAVEiNa5T6pIFMmnucuOMjlmvl73Yvm9jAXGqtnNGU5_omw6EiOJ3WDo8jTQ-WHM4zOL6Z4ld09wJ-I5OXaIM1U1FPbBHVMEyxD4VPbiuVSqH4PjP1QhhjUIDEMUPlbe-nMW9jmI-nU6oHK_PtD7A_-tbXQRWpg5xI6ny1HkTzIXQpqLbFRo-1yOwOFjTO64HLxgFn3NoANk82VcwLwRtfLAv75uChdANtTg8JC88UvX4WtECM5yGUIHFfdldwkkwcIxfx6Kpbq7OVc2PlUkos0m_bpgKAvs96Q8vxsBkk8Kl4gaNYiHJTnpJ2sh4mcHbKA1DSecyoZeR9jcyr1vrRFoSVae4VpHUINkZz3Jg0OKBNsOF6nw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 21:37:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
0 34ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.fanfiction.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 21:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 15 Oct 2023 21:37:50 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fanfiction.net/	1970-01-20 15:30:07	Name: __cf_bm Value: mO1Imqu_PK01mzyOS40ebO9ksXzdfaKcqwoVcEvOphY-1697405864-0-AbXbYCseii8zv5XKkn7SnewcKtpHA3Fe1NZRzpygZVojfdaKBfJlDs0/PtpDR7yIZXefArDz6zRko8GtDxoaAzg=
.fanfiction.net/	1970-01-21 00:15:41	Name: cf_clearance Value: otmKRDKbdBEJ3YLtTPSyLUVmqdMdY2P6l9FOI6gaZZA-1697405865-0-1-2c7eb173.d22e913c.2ba7823-0.2.1697405865
.fanfiction.net/	1970-01-21 00:51:41	Name: __gads Value: ID=67d329935195578a:T=1697405865:RT=1697405865:S=ALNI_MaZhv-PbYvt1Xod36mudlDIlJAWHg
.fanfiction.net/	1970-01-21 00:51:41	Name: __gpi Value: UID=00000c99e427daff:T=1697405865:RT=1697405865:S=ALNI_MYP_pPlW7NjON8vT4NhCAeBTWpdyg
.doubleclick.net/	1970-01-21 00:51:41	Name: IDE Value: AHWqTUnM6BKa1jEEoT0t4rtC7c1UGKnCeem_QtfupXjs9qceiNFfB-LuQc2Zh3UuvJw
.googleadservices.com/	1970-01-20 17:39:41	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 00:15:41	Name: CMID Value: ZSxbqgCghZEJ84PwEWuNGQAA
.casalemedia.com/	1970-01-20 17:39:41	Name: CMPS Value: 5262
.casalemedia.com/	1970-01-20 17:39:41	Name: CMPRO Value: 5262
.doubleclick.net/	1970-01-20 19:49:17	Name: APC Value: AfxxVi5bkF85_uvWA5RNixcnoPpge3G19R_GqFtKX5KDlg9CK3qt-Q
.adnxs.com/	1970-01-20 17:39:41	Name: uuid2 Value: 5941288382196967424
.adnxs.com/	1970-01-20 17:39:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?bm7rZ-!]tbPl1M>e)ZlrFUfJ+tGXxp?=9.!RXS61tSEZeHZ5*xA@j^.D^ND4-+hxA>3If)y3KL9D3I?+x6z:jv
.redintelligence.net/	1970-01-20 17:39:41	Name: 8lcfmzhxc8d6_uid Value: 928ed777382b84f8
.retailads.net/	1970-01-20 16:13:17	Name: ppb2172 Value: 3199324476

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
abs-0.twimg.com
abs.twimg.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
bid.g.doubleclick.net
cdn.flashtalking.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
ff77.b-cdn.net
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
m.fanfiction.net
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
pv.medialead.de
secure.flashtalking.com
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
vast.doubleverify.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.119.108.55
104.18.27.193
104.244.42.72
104.244.43.131
116.202.48.214
138.201.63.157
142.250.185.194
145.239.193.130
172.217.16.198
172.217.18.98
172.64.151.202
18.65.39.98
185.89.210.82
2400:52e0:1e00::1081:1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:13f2
2a00:1450:4001:801::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4006:807::2003
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
3.9.163.207
49.12.16.151
74.125.133.154
94.23.99.218
99.86.4.52
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
03d7c27d48e30f626b427e4335c4a5a113be05599e4e30d95b7f3e1d5d09f4fe
03e5ff0b7904715daedf556de67c7a09910c63137032eed525329ccbfeaab758
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0701653e0c95bdd073234cef556e80f1d18c052cab233d114659114cd14fce81
0805fa46a5ed3f4da936ef86d38dc7124827e4e926d00d429cbe87a5ea7c361e
0962a36a56e23bee72d08a0758b91e84d16fef596181e03e4fb9c3002806065b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
15909e2a4cb16552bdc4297ee7445360df3e9cfe064edf50c8304688d3b71887
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20e5f9466f9c909d9cdf67a83af252df198ba686c57cfc0271afab9d48cee699
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2371d133cf2face007d6657ea76e84b955a17ae20dc313612a0330d1551b028c
26b672dd7b102cfdd9f04ed2c9b8aa8ce08a92fa0c077cf1a7c75adc846786d2
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3213bf0ae16579f4374117a39a003c3bd4eedb04533ed3ca47347c75eba89beb
3441f20163e5dd98803301d480b870d7aaeecfe841f9bee670efd11009d9f8e6
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d083462e5c6148e3ffd7734a073cf8c41b191beaca55f961c76eb45eab28c6e
3effab7013cf9a1b25fc76975f042ec2caef2a7726c8de4c3de934f3de4d4adc
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
417222d932f02cfcd43d4751ffaeed9d88f4fd98f38cdd59b5743ec8fac3d031
433cbbfbc4da43ce1cab7e8a549ffa0dc2dfbff9f874be816c3f6d99edba187c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
447a4ffbc324aaa746b160c837a137c902d0d01d54da0bb4cae019a13e332ae9
47fa0492471e29727e969f288a122f02c8ca93f15c2232982bebd85b5b95d7ca
4888fc21dc1f5c0e07cc1c39882b9e7321581034947e780927240e7f0b2cc222
48c7db6d839d307798dae0e5f6a9b6b7a8c534575f6e587131fbeef6343bcec6
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5217d1494f12e9968654268c8f56cc85e3b6109f5d8d33dabdfdf94004d6ebe2
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5499d9368e810f3720f0e886b7a3e6ccc27eaf075fc37cf6659420c2e8235d5a
5534bb870e2ac44da2e4939fe211e4c00d0d1b68eb724e45a702e0907de00246
55ff4a43d26f59582712ca76517e44b004b076f587d90128e326a6edfbdc27b3
570560b7a13d000373eef0c9833bc37450695a3e6ebe94347be3341ad10d29a5
574ed70e9c532d55cd6cbab7c9c16ca81be12c9776ed08325750e793fa893051
57b181bb834d2d9a127d5ae7fc1d58886cf48c0e5cd0b71bb0ce09a13b467c1d
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5a8495469faaa41a4ffd046646ab9ac451effad6b9609eb870c758ae138a4dd9
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6e4c7f45987f5b5e2e4a0addcd924e736312fd3b2c42f7bcd41feb242fcf721e
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
710a70e991d56398e7f93558fc64847c545c47015f58af3ab0c0f599eb59701f
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
71c71522c09b2c7d2ca4216c1df205bd2b80d98c828f80ea65244ab0d84fb6d8
7200732666cad7e17b06c3adefa0f0aaf80e21abf925229038ece9c54fb2419f
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
797180a6fc9cc1795db969d9dcd3960e840a52ebd7dd384b45deb849bfbbd399
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7aba0e2c6c13c8b5df15015cb5abfca09d840967125c097f3d09343cafef98df
7becdfc84da96c34f2610ac24165815500b4149ece57716a938092038d4654c8
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
8bfbece3bc1d503247a8f7ba2ea9539534998fdc196b1aab974eef66a1f97a61
8cb75ce567efb81337a89f4cad57751226540ae87c912c08216238cebad5055a
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9562e67b97f96f4f008179b61f9fcc006620c32307cec3ad9fe2e6d0b58378e3
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9e1e49b25314fe7bd8af54641e7cdcbf04d8cff54e1194bf80877026a2115e50
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e063fbe69050931cd44811e6380e6f96ef1504384c2ea1ce507869345ccf2a
a66da3004ab7904cb4abc086d932fde6720e5db5ae6acc974e48fa3b16d69ab0
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b03352ab1daa605212f3d1e63385acbbb4348ced8cf96bb0984ca34654e00ee2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
bd78a5f1c76ddbbd25e83666c5baf0a3bf6b46fee0249e8c7778e154b536180c
bdedb6c977d1ebab9fe704b48e0a93f9aebb3ea4e38a9fb9ea22c5a291515f69
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581
cf0ec40142f44e8db92b5992581733f87f6b0f9cb89b90dd92fed5fdc732b444
d709d1a1a12f372cbd746fb29638bbbe4e88a256998da13c8c859a7fd6a29f6c
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77503b3d2de51df8e79e4aa5fde3ba13f14e306d98b9d464b207d4d9c63ef25
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2059adc7c98d335ae12b6e518e8478e64e7f13ae592172142a57bf32a1a7f3e
f33d8bb5c5dc671fe0952adf9047dffafa2d7ff3ecb4aeeb75cddd4a0c9cd622
fd44417f0404284ff6cf70d4a933da52b0120e03215995a0bb2ec4c680329701

m.fanfiction.net Open in urlscan Pro 2606:4700::6812:13f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

94 %HTTPS

47 %IPv6

24 Domains

38 Subdomains

34 IPs

6 Countries

1872 kBTransfer

28336 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.fanfiction.net Open in urlscan Pro
2606:4700::6812:13f2 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

94 %
HTTPS

47 %
IPv6

24
Domains

38
Subdomains

34
IPs

6
Countries

1872 kB
Transfer

28336 kB
Size

14
Cookies

143 HTTP transactions
1 data transactions