Submitted URL: http://adotat.com/
Effective URL: https://www.adotat.com/
Submission: On October 31 via manual from US — Scanned from DE

Summary

This website contacted 22 IPs in 6 countries across 19 domains to perform 129 HTTP transactions. The main IP is 104.198.104.14, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.adotat.com.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.
This is the only time www.adotat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 104.198.104.14 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 80.66.79.252 60602 (INOVARE-A...)
13 2400:52e0:1e0... 200325 (BUNNYCDN)
1 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
8 142.250.185.226 15169 (GOOGLE)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 37.157.2.228 198622 (ADFORM)
2 2 213.155.156.184 1299 (TWELVE99 ...)
12 192.0.77.2 2635 (AUTOMATTIC)
14 35.86.95.232 16509 (AMAZON-02)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
1 169.150.247.38 ()
129 22
Apex Domain
Subdomains
Transfer
31 sumo.com
load.sumo.com — Cisco Umbrella Rank: 15997
sumo.com — Cisco Umbrella Rank: 14910
media.sumo.com — Cisco Umbrella Rank: 47957
micro-cdn.sumo.com
475 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
501 KB
19 gstatic.com
fonts.gstatic.com
www.gstatic.com
510 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
266 KB
14 wp.com
stats.wp.com — Cisco Umbrella Rank: 2855
pixel.wp.com — Cisco Umbrella Rank: 2799
i0.wp.com — Cisco Umbrella Rank: 3823
2 MB
13 adotat.com
adotat.com
www.adotat.com
1021 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
7 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
www.googleadservices.com — Cisco Umbrella Rank: 145
601 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
653 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
119 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
555 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
715 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
541 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 promsmotion.com
net.promsmotion.com — Cisco Umbrella Rank: 750787
687 B
1 cdzanalytics.com
ga.cdzanalytics.com
129 19
Domain Requested by
16 fonts.gstatic.com fonts.googleapis.com
www.adotat.com
14 sumo.com load.sumo.com
14 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
13 load.sumo.com www.adotat.com
load.sumo.com
12 i0.wp.com
11 www.adotat.com www.adotat.com
10 pagead2.googlesyndication.com www.adotat.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 cm.g.doubleclick.net googleads.g.doubleclick.net
5 fonts.googleapis.com www.adotat.com
googleads.g.doubleclick.net
client
load.sumo.com
3 media.sumo.com load.sumo.com
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
2 www.googleadservices.com
2 d5p.de17a.com 2 redirects
2 c1.adform.net 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.adotat.com
securepubads.g.doubleclick.net
2 adotat.com 2 redirects
1 micro-cdn.sumo.com
1 ads.travelaudience.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com www.adotat.com
1 net.promsmotion.com www.adotat.com
1 stats.wp.com www.adotat.com
1 ga.cdzanalytics.com www.adotat.com
129 31

This site contains links to these domains. Also see Links.

Domain
www.troutmanamin.com
www.facebook.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
www.adotat.com
R3
2023-10-22 -
2024-01-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
cdzanalytics.com
GTS CA 1P5
2023-10-27 -
2024-01-25
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
net.promsmotion.com
R3
2023-10-03 -
2024-01-01
3 months crt.sh
*.sumo.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-16 -
2024-02-16
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
micro-cdn.sumo.com
R3
2023-10-02 -
2023-12-31
3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.adotat.com/
Frame ID: B61701D06FBA02424CBB322FF75958F9
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 4A63B0022858C77C038EA31D3110A709
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&adk=1812271804&adf=3025194257&lmt=1698757242&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.adotat.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769520684&bpp=12&bdt=1290&idt=367&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2186478466827&frm=20&pv=2&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=428
Frame ID: D36246806B6A34606ADABD234BBA7C14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Frame ID: 7C061361601661435EE8B5EEDCF6875E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 77C7C890DFD2F48734F64216841A004D
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A34EA7F194BEC1144A09D0CC5E63664F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: ABC9E06C1F664C5D0FC545A96BD5D6E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7A32DBC16B1F5131AD9C00AD4BE5581F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC67FAB8A3B88BB6E4088E3830C82EF4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: 68D01AF58BD226BE1B817EEA05A961E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4752F883BEB566ECAF40CCA9CD74D701
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D817F7DEF730ECEA067108A4A77CD858
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Home - ADOTAT with Pesach Lattin

Page URL History Show full URLs

  1. http://adotat.com/ HTTP 301
    https://adotat.com/ HTTP 301
    https://www.adotat.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

129
Requests

95 %
HTTPS

54 %
IPv6

19
Domains

31
Subdomains

22
IPs

6
Countries

5410 kB
Transfer

12429 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://adotat.com/ HTTP 301
    https://adotat.com/ HTTP 301
    https://www.adotat.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPlyNaem5UXtMyd4RRcydHY&google_cver=1&google_push=AXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPlyNaem5UXtMyd4RRcydHY&google_cver=1&google_push=AXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 64
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENm4q2fbf_BQ-LojP24no0E&google_cver=1&google_push=AXcoOmRc5ool45rbNN8uTezcyojn-3We5auwXsadjiOavcr_9ITG-lqnV91jsxWU0ByslKm5k0GGWUCdVNax2qiinwuQOq2kBwnx7yw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm4q2fbf_BQ-LojP24no0E&google_push=AXcoOmRc5ool45rbNN8uTezcyojn-3We5auwXsadjiOavcr_9ITG-lqnV91jsxWU0ByslKm5k0GGWUCdVNax2qiinwuQOq2kBwnx7yw
Request Chain 65
  • https://um.simpli.fi/gp_match?google_gid=CAESEHXlzGzzeN6sqgvKU6gMeJQ&google_cver=1&google_push=AXcoOmR6LqW8F9nUv49VAFPH7eja8827gClYQgy0fdSUkJMvS5JtzxK1R5pX6JV0yuVGuFoGQ39TN6ya-pXyvK5hNXxwYfidEMpTdh4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=098FC56607CA4831B34874923F28082A&google_push=AXcoOmR6LqW8F9nUv49VAFPH7eja8827gClYQgy0fdSUkJMvS5JtzxK1R5pX6JV0yuVGuFoGQ39TN6ya-pXyvK5hNXxwYfidEMpTdh4
Request Chain 66
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECRQbU6wFTP1htpXnR26vr4&google_cver=1&google_push=AXcoOmR25zmOCsv4OPZCSOh6OcSbRz8qrczL2XPDC1KpNORZQdhHOdnYXTaDdPj353O1GSys6mnAI7dDFQapwwJtVC0gPkI3JjanvYo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v3gpjpuXS2k8BZAYcBAsxA&google_push=AXcoOmR25zmOCsv4OPZCSOh6OcSbRz8qrczL2XPDC1KpNORZQdhHOdnYXTaDdPj353O1GSys6mnAI7dDFQapwwJtVC0gPkI3JjanvYo
Request Chain 67
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPoEu9NDMfyiY-d07yRSHB4&google_cver=1&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi-jQFPR2cBCtbJGVmhAMa40Eg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPoEu9NDMfyiY-d07yRSHB4&google_cver=1&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi-jQFPR2cBCtbJGVmhAMa40Eg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTkwNTQyMzA1MDExOTE0OQ&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi-jQFPR2cBCtbJGVmhAMa40Eg
Request Chain 68
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJe6XLbBgldXl1U8ErCd4UI&google_cver=1&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNpbOvg_eQg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJe6XLbBgldXl1U8ErCd4UI&google_cver=1&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNpbOvg_eQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNpbOvg_eQg
Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 72
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQkM7cSpBZZG3LdGV-cAP8qWFgAnu2ZT2c6nEqOCHEtnZHhABINP38y9glYKAgJQHoAGDwK6VAsgBA6gDAcgDyQSqBPkBT9Ai_481ESWj3LjYyVpEl63hzcrvk1zeULvSUqovz0NXHSbBGf4Zne7L8sdML0b6Q3k5Qi1RzGbrbpbQjoKNrSz_vWq6Ma4BjcslcOWc95iUxB3m7k5iLpdlZxCSR3FuFV-PH4GS2GA4wAmDU5v2gPV-OIucDxQphB_hl4cHaTNGAnQSRNbgiHgHqyhD5fResoj1wgd1rOc-z0D-qC_IMSrFlv-SeBsOFZ-XS9OuopjYjVopV3VLMBUIIxcek0CzLjahlapSzHXim_rAPfsVcIYtonTev569tXCPaY7pCxDoNawDmwt4HhDa9ZVUs-zdq2T1ItSieYN6wASgj4WK1ASIBeLwzuhMkgUECAQYAZIFBAgFGASgBgOAB-W_0eoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ1IMQ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJgwJodHRwczovL3d3dy5jb3Rvc2VuLmNvbS9hY3Rpdml0eS9ob3Qtc2FsZS02ODExLz90c3B1PVNQMjMwOTEzVUJZMyxTUDIyMTIxM09BS1YsU1AyMjEyMjJRRE1ELFNQMjMxMDI3Q1NWUCxTUDIxMTEyM0k2UVksU1AyMjEwMTJEUE1PLFNQMjMwNzIwS0xIUCxTUDIxMDkxMThCRzksU1AyMjEwMTg0TFlOLFNQMVJLOVlZTUdYLFNQMjMxMDEySkdXUCxTUDIxMDkyNVNBNTIsU1AyMzEwMTJXRDM2LFNQMjMxMDI2SDI3RSxTUDIzMTAxMlJFVkQsU1AyMzA4MTc1SU9PgAoByAsBogwMKgoKCOS0sQLutbEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTMxODUyMTExOTU3MjU3MTMYAA&sigh=FgsmeHyZFrY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaN5QeWOQe5u98HSq7a_7O1ypGBLe7xzqqq1xoTYws_UCcasJ64dSS8_i1d3WDSohbQUYsoIvrw0xgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227607106798121643088%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581672963%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223474829509764282017%22}&andc=true

129 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.adotat.com/
Redirect Chain
  • http://adotat.com/
  • https://adotat.com/
  • https://www.adotat.com/
571 KB
58 KB
Document
General
Full URL
https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e4225495f64e461d040dc2373bfb2a7ef8d069a500cae599034823fcba780855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 16:25:19 GMT
last-modified
Tue, 31 Oct 2023 14:00:42 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
wpo-cache-status
cached
x-cache
HIT: 6
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 16:25:18 GMT
last-modified
Wed, 16 Aug 2023 10:28:25 GMT
location
https://www.adotat.com/
server
nginx
x-cache
HIT: 6
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
/
www.adotat.com/_jb_static/
3 MB
333 KB
Stylesheet
General
Full URL
https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
1bff2c83e2e70981f72f48c7648684b176e46113d58c0df4f903e460543bb1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
x-cache-group
normal
content-encoding
br
last-modified
Mon, 23 Oct 2023 13:45:57 GMT
server
nginx
x-cacheable
YES:31536000.000
x-page-optimize
cached
x-powered-by
WP Engine
etag
W/"43efb26ecc0980faa6807a5695ea9198-gzip"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache
HIT: 6106
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, must-revalidate
css
fonts.googleapis.com/
69 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9023b221280f6d72ac0e8f7913271eb8a392dfb8a4f0ab9f29784c806d2af47f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 16:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 16:25:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 16:25:19 GMT
troutman-5-scaled.webp
www.adotat.com/wp-content/uploads/
98 KB
99 KB
Image
General
Full URL
https://www.adotat.com/wp-content/uploads/troutman-5-scaled.webp
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
488206ff95931bde79adaae847e1eec866c9f9c5fb3a5b268b7d9a5182971bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
last-modified
Fri, 12 May 2023 14:20:12 GMT
server
nginx
etag
"645e4b1c-18922"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
100642
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:07:48 GMT
x-content-type-options
nosniff
age
512251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Oct 2024 18:07:48 GMT
adblack.jpg
www.adotat.com/wp-content/uploads/
35 KB
36 KB
Image
General
Full URL
https://www.adotat.com/wp-content/uploads/adblack.jpg
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1075526b3d9f07e27eb2ef79e165ccca9970f0cb5a77a8b6347fcad85dd21981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
last-modified
Wed, 03 May 2023 01:56:58 GMT
server
nginx
etag
"6451bf6a-8de1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
36321
xxx_menu-bg_xxx.jpg
www.adotat.com/wp-content/uploads/
68 KB
68 KB
Image
General
Full URL
https://www.adotat.com/wp-content/uploads/xxx_menu-bg_xxx.jpg
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba30d9e5f400066d039a41354ecfe1111e51a27a7c9ae4a61be9d170518e59d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
last-modified
Wed, 03 May 2023 01:20:25 GMT
server
nginx
etag
"6451b6d9-11042"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
69698
troutman3-1-jpg.webp
www.adotat.com/wp-content/uploads/
28 KB
28 KB
Image
General
Full URL
https://www.adotat.com/wp-content/uploads/troutman3-1-jpg.webp
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
27a38941d8ed4af80b1d181c61fb9acccae9f29626c893cc764eba51ef870016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
last-modified
Tue, 16 May 2023 18:32:14 GMT
server
nginx
etag
"6463cc2e-6e12"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28178
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:02:10 GMT
x-content-type-options
nosniff
age
303789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 04:02:10 GMT
va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 07:35:29 GMT
x-content-type-options
nosniff
age
377390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23620
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 07:35:29 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:46:00 GMT
x-content-type-options
nosniff
age
599959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Oct 2024 17:46:00 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 21:27:05 GMT
x-content-type-options
nosniff
age
241094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 21:27:05 GMT
va9B4kDNxMZdWfMOD5VnMK7eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnMK7eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b8a8f6a011ba6b0f0c157700106f1e5c7882f533bae40c98c28320dab68f2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 17:22:41 GMT
x-content-type-options
nosniff
age
82958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25080
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 17:22:41 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:16 GMT
x-content-type-options
nosniff
age
62583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 23:02:16 GMT
va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:37:55 GMT
x-content-type-options
nosniff
age
85644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24868
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 16:37:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
425340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:16:19 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
wpo-minify-header-f53e0c17.min.js
www.adotat.com/wp-content/cache/wpo-minify/1698068734/assets/
114 KB
39 KB
Script
General
Full URL
https://www.adotat.com/wp-content/cache/wpo-minify/1698068734/assets/wpo-minify-header-f53e0c17.min.js?m=1698068738
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
27b5efafe2f176959d45529a57eea37ab34e8604e2b5cfab7a7327a09333e72d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
content-encoding
br
last-modified
Mon, 23 Oct 2023 13:45:38 GMT
server
nginx
etag
W/"65367902-1c9bc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gpt.js
securepubads.g.doubleclick.net/tag/js/
95 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c5be5604e6804ddbacb0e251c0f6aac6e049fdbe367be756e7c17342a0e8971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29856
x-xss-protection
0
server
cafe
etag
623 / 19661 / 31079133 / config-hash: 4962115006177636974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:25:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
154 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3185211195725713
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a622078bbb623e6c7cde7894ee075b4addd24968bc4aae2d69fe274babc50a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52045
x-xss-protection
0
server
cafe
etag
15283836391438340638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:25:19 GMT
/
ga.cdzanalytics.com/
0
0
Script
General
Full URL
https://ga.cdzanalytics.com/
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C100%2C200%2C300%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A400%2C600%2C700%2C100%2C200%2C300%2C500%2C800%2C900%7CRoboto%3A400%2C500%2C700%2C100%2C200%2C300%2C600%2C800%2C900%7CMerriweather%3A700%2C300%2C400%2C800%7CFira+Sans%3A300%2C400%2C600%2C500%2C800&display=swap&ver=10.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:15:39 GMT
x-content-type-options
nosniff
age
511780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24020
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Oct 2024 18:15:39 GMT
e-202344.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202344.js
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Tue, 31 Oct 2023 16:25:19 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 28 Oct 2024 08:17:16 GMT
/
www.adotat.com/_jb_static/
392 KB
108 KB
Script
General
Full URL
https://www.adotat.com/_jb_static/??-eJyljEEOQDAQAH/jpF1bVRzEW2ptg0Qr2kT8noSDu+tMZuDYBAWf2CcgSxPDsQWxzn52J6Bpm8I0danBxsgpfqRwISTeBZmqrJhY3lguMYe/Q2UdoqLxHfZr91StRpXR0OEFro87xA==
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
5f0bf62bd714e1f430a9642534ec778fd2a2bcae81a38345a0adfc1a7cc674b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:19 GMT
x-cache-group
normal
content-encoding
br
last-modified
Mon, 23 Oct 2023 13:56:52 GMT
server
nginx
x-cacheable
YES:31536000.000
x-page-optimize
uncached
x-powered-by
WP Engine
etag
W/"cdb737319a1232066c1fe3fec99511cb-gzip"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache
HIT: 4404
content-type
application/javascript
cache-control
max-age=31536000, must-revalidate
set
net.promsmotion.com/
1 B
687 B
XHR
General
Full URL
https://net.promsmotion.com/set
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.66.79.252 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 31 Oct 2023 16:25:20 GMT
Server
nginx
X-Powered-By
PHP/7.4.33
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1
Expires
Tue, 31 Oct 2023 16:25:20 GMT
/
load.sumo.com/
2 KB
2 KB
Script
General
Full URL
https://load.sumo.com/
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:20 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
1KYFJQFMBFJKH37P
cdn-cachedat
08/01/2023 19:55:24
cdn-pullzone
53731
x-amz-id-2
qq+ntw5IJPjgabl5D2IupL5Qw6IGEklZlzXzRWgabNShliLdR2eEmsTuZwMPqR0zNmJqeRsDUJM=
last-modified
Wed, 05 Oct 2022 16:50:13 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=600
cdn-requestid
1764a1d89b3a78f09f5f708d2a4a3fcd
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079133
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8443
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135211
x-xss-protection
0
server
cafe
etag
17495413759700775962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 14:04:37 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/
395 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3185211195725713
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9481f6302b1245cf3b7aa6521faaaf7af92b389a495b34241869f97a5d93429e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137230
x-xss-protection
0
server
cafe
etag
9647693876075507390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:25:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 4A63
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3185211195725713
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28870
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 08:24:10 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 08:24:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
g.gif
pixel.wp.com/
50 B
153 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=205926438&post=40857&tz=-7&srv=www.adotat.com&j=1%3A12.5&host=www.adotat.com&ref=&fcp=2765&rand=0.09603137728545907
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Oct 2023 16:25:20 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
newspaper.woff
www.adotat.com/wp-content/themes/Newspaper/images/icons/
121 KB
121 KB
Font
General
Full URL
https://www.adotat.com/wp-content/themes/Newspaper/images/icons/newspaper.woff
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700

Request headers

Referer
https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:20 GMT
last-modified
Tue, 26 Apr 2022 18:33:50 GMT
server
nginx
etag
"62683b0e-1e260"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
123488
td-multipurpose.ttf
www.adotat.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/
127 KB
127 KB
Font
General
Full URL
https://www.adotat.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6

Request headers

Referer
https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:20 GMT
last-modified
Tue, 26 Apr 2022 18:33:55 GMT
server
nginx
etag
"62683b13-1fa3c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
129596
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v30/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6hPvhPQ.woff2
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6346146449a783a9e3cec3c70fd8e8911dbaf780220425b792fb89e206b4c2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 02:12:07 GMT
x-content-type-options
nosniff
age
396793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12784
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 02:12:07 GMT
elements.png
www.adotat.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/
4 KB
4 KB
Image
General
Full URL
https://www.adotat.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.104.14 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.104.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/_jb_static/??-eJyVUltywjAMvE2/agzTFuhHpzfoFTKKrYDBr7EUmNy+IpAUylDKjxNZu6uNsnqflYvGtxZJGyJtHbGufTJb5V1doHSauPM4CS5OBPCshWFSZIyss29XLpLeIGcw2+FZ7TDaVDS0nAIwOzN01M5ZTLmgTKpb5+1pFFrHQugL0j1ITtyPE0ePG9JB0IAew8HCeZE9dFiUxxWY7sLwTbr0zut/fWVItvWi5d1WzuN2bnHYqoh78siM5T7WpJATCVLeQ+vZqdyWw80DVCBCJt0IhEadQeZXfSXIa9kD6S/xnCE/ZPm49jPqycghVWyrY7sK8MeGRY4YooViVb/qW2IDqurjdk/T+NTaMc4XSrX4IqqaIqy7P/5AOb1fYQ2YNcpFUhIh13R6Nn9fTufLxcvrMPGnqdYIVpI6bSxA3cyH2H2Gj4H2tngy9cfsGwgLXqw=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:20 GMT
last-modified
Tue, 26 Apr 2022 18:33:54 GMT
server
nginx
etag
"62683b12-10e4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4324
72.0a035390359aab65eb82.js
load.sumo.com/
131 KB
44 KB
Script
General
Full URL
https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:21 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
FMGSGJGQBTWVRJ1S
cdn-cachedat
07/26/2023 06:51:53
cdn-pullzone
53731
x-amz-id-2
WSEl9xTH2Gn9NK4dG4tUKq7PjWu4UUEG//nx63LwmWyrTOkJik1SfwhZaBDn+vN/N7UOQCwf0Z8=
last-modified
Wed, 05 Oct 2022 16:49:50 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
170d5294f56e965e21dae19d71a4da24
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
73.0a035390359aab65eb82.js
load.sumo.com/
289 KB
100 KB
Script
General
Full URL
https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:21 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
DWH88T81ZZEBPF44
cdn-cachedat
01/05/2023 13:19:16
cdn-pullzone
53731
x-amz-id-2
jOqTwrO7CKADB6A99P2KE8erCfBGDinliCUfMCHx9ofCH5Hyp/WWaFB+LMZTpDm3rXJNnXg+404=
last-modified
Wed, 05 Oct 2022 16:49:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"ad6f2454f01de902ffd473d51c1207bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
ee99c0d493e1057cad1c1a9afb424651
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cookie.js
partner.googleadservices.com/gampad/
387 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.adotat.com&callback=_gfp_s_&client=ca-pub-3185211195725713
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1453b716454181a2a8b0ebbadbb82ac355dabfd9f3a8b8053c0a92ddeab64ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D362
227 KB
55 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&adk=1812271804&adf=3025194257&lmt=1698757242&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.adotat.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769520684&bpp=12&bdt=1290&idt=367&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2186478466827&frm=20&pv=2&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=428
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b886e39c78e9ac77b6988f529b0d4ed5534bc44d2751789125890cbc965ecf5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56060
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:25:21 GMT
expires
Tue, 31 Oct 2023 16:25:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/
159 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
311adc5adf4e44ed9bedb10def7562709f380bf34601cd6e57d61ceaf3cb12d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55373
x-xss-protection
0
server
cafe
etag
15121335350055664325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:25:21 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7C06
103 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1153bb70f8594c328a50254b130c56088b24e9688c4543595459425807e6e99d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39606
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:25:22 GMT
expires
Tue, 31 Oct 2023 16:25:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame 77C7
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 19:00:57 GMT
etag
4569948109300706969
expires
Mon, 13 Nov 2023 19:00:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 77C7
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 16:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 15:01:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 16:25:21 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77C7
205 B
651 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 02:28:25 GMT
x-content-type-options
nosniff
age
395817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 26 Oct 2024 02:28:25 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77C7
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:17:16 GMT
x-content-type-options
nosniff
age
450486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 25 Oct 2024 11:17:16 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 77C7
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea1bccd5bd591ef9692b2d24f3f10b79483b891fd217cd4e7d115e33c1fce4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 20:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
72691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6641
x-xss-protection
0
server
cafe
etag
2088779584902205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 20:13:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 77C7
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
74765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8600
x-xss-protection
0
server
cafe
etag
14061149270319446037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:39:17 GMT
css
fonts.googleapis.com/ Frame A34E
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 16:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 15:15:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 16:25:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A34E
2 KB
907 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
75996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame A34E
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
75959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9142
x-xss-protection
0
server
cafe
etag
3118617226516770384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:19:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A34E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A34E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
76008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A34E
188 KB
60 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:25:22 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame A34E
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 16:29:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 17:04:13 GMT
KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
pagead2.googlesyndication.com/bg/ Frame ABC9
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Requested by
Host: www.adotat.com
URL: https://www.adotat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 16:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
344269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15118
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 16:47:33 GMT
12115581045467691382
tpc.googlesyndication.com/simgad/ Frame 7C06
126 KB
126 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12115581045467691382
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16b7c7f441c623eedcc806db07655a4143feb8f05ecf1c49f5eba0bf90132a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 03:51:03 GMT
x-content-type-options
nosniff
age
131659
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128839
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 03:08:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 29 Oct 2024 03:51:03 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 7C06
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
75959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9142
x-xss-protection
0
server
cafe
etag
3118617226516770384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:19:23 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7A32
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:10:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 7C06
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FC67
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 02:22:07 GMT
etag
48472445140208031
expires
Wed, 01 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 7C06
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
76008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:34 GMT
l
www.google.com/ads/measurement/ Frame 7C06
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwGTOuvqma-fpEFGcdH-zPZ7zrnK3U7DOEAmxHghsyKk-2uBHMqvkF8Qg3L3NEA95CcWLdqZPTx6BW87V2XwASs8nXyA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C06
188 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:25:22 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 7C06
35 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c0eb210ca9d9770dd1e6fb58b73fe67f07f592487e0244a46477f41ae12332c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
75008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14506
x-xss-protection
0
server
cafe
etag
4792826524176232586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:35:14 GMT
dpixel
cms.quantserve.com/ Frame FC67
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFtmFM3wUyzFGodtHeT1SG0&google_cver=1&google_push=AXcoOmTRvKHN_bwOkHgMqPzuVKCAAmAD6mrKf0WaO2PC25SoG6vS6NthrqFrrqoSmXAfkUCw73PR7b6MZM2IHp8F2L0VW28mdFEU_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame FC67
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPlyNaem5UXtMyd4RRcydHY&google_cver=1&google_push=AXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgb...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPlyNaem5UXtMyd4RRcydHY&google_cver=1&google_push=AXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdzt...
43 B
420 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPlyNaem5UXtMyd4RRcydHY&google_cver=1&google_push=AXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81ed40ed497292b4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
139
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPlyNaem5UXtMyd4RRcydHY&google_cver=1&google_push=AXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRyaGC8bRI5Fsoj9JXhxAOE3xa5e9u6j4fzKwG8RnNUPS-6WpDYsLmDVgp2DJRq0pGkRSfHM0Ol1-tx1MRwuThAr2Qdztgbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81ed40ebffbd92b4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC67
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm4q2fbf_BQ-LojP24no0E&google_push=AXcoOmRc5ool45rbNN8uTezcyojn-3We5auwXsadjiOavcr_9ITG-lqnV9...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm4q2fbf_BQ-LojP24no0E&google_push=AXcoOmRc5ool45rbNN8uTezcyojn-3We5auwXsadjiOavcr_9ITG-lqnV91jsxWU0ByslKm5k0GGWUCdVNax2qiinwuQOq2kBwnx7yw
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230131-FRA
pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1698769523.566256,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENm4q2fbf_BQ-LojP24no0E&google_push=AXcoOmRc5ool45rbNN8uTezcyojn-3We5auwXsadjiOavcr_9ITG-lqnV91jsxWU0ByslKm5k0GGWUCdVNax2qiinwuQOq2kBwnx7yw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame FC67
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHXlzGzzeN6sqgvKU6gMeJQ&google_cver=1&google_push=AXcoOmR6LqW8F9nUv49VAFPH7eja8827gClYQgy0fdSUkJMvS5JtzxK1R5pX6JV0yuVGuFoGQ39TN6ya-pXyvK5hNXxwYfidEMpTdh4
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=098FC56607CA4831B34874923F28082A&google_push=AXcoOmR6LqW8F9nUv49VAFPH7eja8827gClYQgy0fdSUkJMvS5JtzxK1R5pX6JV0yuVGuFoGQ39TN6ya-pXyvK5...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=098FC56607CA4831B34874923F28082A&google_push=AXcoOmR6LqW8F9nUv49VAFPH7eja8827gClYQgy0fdSUkJMvS5JtzxK1R5pX6JV0yuVGuFoGQ39TN6ya-pXyvK5hNXxwYfidEMpTdh4
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 31 Oct 2023 16:25:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=098FC56607CA4831B34874923F28082A&google_push=AXcoOmR6LqW8F9nUv49VAFPH7eja8827gClYQgy0fdSUkJMvS5JtzxK1R5pX6JV0yuVGuFoGQ39TN6ya-pXyvK5hNXxwYfidEMpTdh4
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 30 Oct 2023 16:25:22 GMT
pixel
cm.g.doubleclick.net/ Frame FC67
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECRQbU6wFTP1htpXnR26vr4&google_cver=1&google_push=AXcoOmR25zmOCsv4OPZCSOh6OcSbRz8qrczL2XPDC1KpNORZQdhHOdnYXTaDdPj353O1GSys6mnAI7dDFQapwwJt...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v3gpjpuXS2k8BZAYcBAsxA&google_push=AXcoOmR25zmOCsv4OPZCSOh6OcSbRz8qrczL2XPDC1KpNORZQdhHOdnYXTaDdPj353O1GSys6mnAI7dDFQapwwJtVC0gPkI3JjanvYo
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v3gpjpuXS2k8BZAYcBAsxA&google_push=AXcoOmR25zmOCsv4OPZCSOh6OcSbRz8qrczL2XPDC1KpNORZQdhHOdnYXTaDdPj353O1GSys6mnAI7dDFQapwwJtVC0gPkI3JjanvYo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 31 Oct 2023 16:25:22 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=v3gpjpuXS2k8BZAYcBAsxA&google_push=AXcoOmR25zmOCsv4OPZCSOh6OcSbRz8qrczL2XPDC1KpNORZQdhHOdnYXTaDdPj353O1GSys6mnAI7dDFQapwwJtVC0gPkI3JjanvYo
x-host
tde-deliveryengine-production-5597b7478c-7hvq4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame FC67
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPoEu9NDMfyiY-d07yRSHB4&google_cver=1&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi-j...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPoEu9NDMfyiY-d07yRSHB4&google_cver=1&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWl...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTkwNTQyMzA1MDExOTE0OQ&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTkwNTQyMzA1MDExOTE0OQ&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi-jQFPR2cBCtbJGVmhAMa40Eg
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTkwNTQyMzA1MDExOTE0OQ&google_push=AXcoOmTcmRx6eo1_hVY4nsEtogG3Xkq_JM65alz5y3EmSQpaqianw-Pgz4_9sgw0d2dt-3UJbWlEsi-jQFPR2cBCtbJGVmhAMa40Eg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame FC67
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJe6XLbBgldXl1U8ErCd4UI&google_cver=1&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNp...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJe6XLbBgldXl1U8ErCd4UI&google_cver=1&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqEN...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNpbOvg_eQg
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNpbOvg_eQg
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ3o8jhtcNNZli63zU52EBrry0EDyrIwmWJ_zOHnIP9NulZ98npVWPiGSdx55ntRjC2Ft12tgW1oRnoR_M8UgqENNpbOvg_eQg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame FC67
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JE461MznAir9uZvV4nnxbI9Huem0ZvJqbnu7Q3MfxeIj-hw4_GiJvrXyJqlyiwDAnuQRUH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7A32
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:25:22 GMT
expires
Tue, 31 Oct 2023 16:25:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:25:22 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7C06
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
497a3de479c9f1c91ce1f678d696fb5df8c584c901a0e6c5f399c71c7e1bbd7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 7C06
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQkM7cSpBZZG3LdGV-cAP8qWFgAnu2ZT2c6nEqOCHEtnZHhABINP38y9glYKAgJQHoAGDwK6VAsgBA6gDAcgDyQSqBPkBT9Ai_481ESWj3LjYyVpEl63hzcrvk1zeULvSUqovz0NXHSbBGf4...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227607106798121643088%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%2...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227607106798121643088%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581672963%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223474829509764282017%22}&andc=true
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7607106798121643088","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581672963"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"3474829509764282017"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 16:25:22 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7607106798121643088","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581672963"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"3474829509764282017"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1-248.png
i0.wp.com/www.adotat.com/wp-content/uploads/
310 KB
311 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-248.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
79c2cd9b1eb5eff6136c4016bbfd92e260bdfc8b3046c522f3544e27f2a41833
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 31 Oct 2023 14:49:38 GMT
server
nginx
etag
"c61de4234cd56cc6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-248.png>; rel="canonical"
content-length
317898
expires
Fri, 31 Oct 2025 02:49:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74ea19ef8fb4c028b8da98a44a912a217d9c6646f9274b139d07c806a87bb189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12081
x-xss-protection
0
/
sumo.com/api/load/
771 B
1 KB
XHR
General
Full URL
https://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
18d14ee19c67cdfe3bc746a4a323804d027ce84f457cd69960c853b53bc3692c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 16:25:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adotat.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
771
KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
pagead2.googlesyndication.com/bg/ Frame 68D0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3185211195725713&output=html&h=600&adk=3224001902&adf=1088938063&pi=t.aa~a.3876874120~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1698757242&rafmt=1&to=qs&pwprc=9380570629&format=300x600&url=https%3A%2F%2Fwww.adotat.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698769521681&bpp=2&bdt=2287&idt=2&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df63d11d619f3a3e9-222b40901fe300fe%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MapswyrRwF7nvU3tbimDzqve8BwBw&gpic=UID%3D00000caf8a5a8cc0%3AT%3D1698769521%3ART%3D1698769521%3AS%3DALNI_MYAmpGi0paJGlCGkt2y7PgK3Uud8w&prev_fmts=0x0&nras=2&correlator=2186478466827&frm=20&pv=1&ga_vid=2033488785.1698769521&ga_sid=1698769521&ga_hid=434870000&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805932%2C44807455%2C31078301&oid=2&pvsid=2976133053671187&tmod=2011463447&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nSa6wHYL3A&p=https%3A//www.adotat.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 16:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
344269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15118
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 16:47:33 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227607106798121643088%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581672963%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223474829509764282017%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 16:25:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2-77.png
i0.wp.com/www.adotat.com/wp-content/uploads/
156 KB
157 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/2-77.png?resize=696%2C414&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
264682fea3868f549a087af005b5537d6040a90c082dc6fd69eefa8444686723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 15:43:55 GMT
server
nginx
etag
"c016f273d6403a70"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/2-77.png>; rel="canonical"
content-length
160078
expires
Fri, 03 Oct 2025 03:43:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3185211195725713&plah=www.adotat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 16:25:22 GMT
1-238.png
i0.wp.com/www.adotat.com/wp-content/uploads/
231 KB
232 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-238.png?resize=696%2C414&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0fbe34f9c4b4783cb3b45274c2a75205e62bc32de391e42148d70aa32433ca11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 15:43:55 GMT
server
nginx
etag
"4ae57b33cb3a17f7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-238.png>; rel="canonical"
content-length
236910
expires
Fri, 03 Oct 2025 03:43:55 GMT
1-247.png
i0.wp.com/www.adotat.com/wp-content/uploads/
126 KB
127 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-247.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b29391f44db52ddebb7ae1d081ffa0abbbc30ea0ac35311fb7509b1e33b2cec4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 13:11:15 GMT
server
nginx
etag
"f48ab2096d9764dc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-247.png>; rel="canonical"
content-length
129208
expires
Thu, 30 Oct 2025 01:11:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4752
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adotat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:09:07 GMT
expires
Wed, 30 Oct 2024 14:09:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D817
829 B
996 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd30e2ac234fe44599a13b38e0042a193954362aba717989f29a3dc40a9b9c74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-72khZ2bV9kRln2m3aQId2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.adotat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-72khZ2bV9kRln2m3aQId2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:25:22 GMT
expires
Tue, 31 Oct 2023 16:25:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1-248.png
i0.wp.com/www.adotat.com/wp-content/uploads/
310 KB
311 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-248.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
79c2cd9b1eb5eff6136c4016bbfd92e260bdfc8b3046c522f3544e27f2a41833
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 31 Oct 2023 14:49:38 GMT
server
nginx
etag
"c61de4234cd56cc6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-248.png>; rel="canonical"
content-length
317898
expires
Fri, 31 Oct 2025 02:49:38 GMT
1-244.png
i0.wp.com/www.adotat.com/wp-content/uploads/
310 KB
310 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-244.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5f6947decb8e60104ce7bcf6153c26fd6b83e4123bf81882e1ad86d2a09068fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 13:58:33 GMT
server
nginx
etag
"69211ed1f34c3dec"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-244.png>; rel="canonical"
content-length
317192
expires
Sat, 18 Oct 2025 01:58:33 GMT
3-8.png
i0.wp.com/www.adotat.com/wp-content/uploads/
115 KB
116 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/3-8.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b67d383f7bac5f276bf5457de4656e5a2d81397442ceab08fd3ab335ee352a2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 20:58:49 GMT
server
nginx
etag
"615e61b0549ce751"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/3-8.png>; rel="canonical"
content-length
118228
expires
Sun, 12 Oct 2025 08:58:49 GMT
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 4752
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 15:26:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D817
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2976133053671187&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

2-77.png
i0.wp.com/www.adotat.com/wp-content/uploads/
156 KB
157 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/2-77.png?resize=696%2C414&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
264682fea3868f549a087af005b5537d6040a90c082dc6fd69eefa8444686723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 15:43:55 GMT
server
nginx
etag
"c016f273d6403a70"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/2-77.png>; rel="canonical"
content-length
160078
expires
Fri, 03 Oct 2025 03:43:55 GMT
1-247.png
i0.wp.com/www.adotat.com/wp-content/uploads/
126 KB
127 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-247.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b29391f44db52ddebb7ae1d081ffa0abbbc30ea0ac35311fb7509b1e33b2cec4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 31 Oct 2023 16:25:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 13:11:15 GMT
server
nginx
etag
"f48ab2096d9764dc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-247.png>; rel="canonical"
content-length
129208
expires
Thu, 30 Oct 2025 01:11:15 GMT
1-238.png
i0.wp.com/www.adotat.com/wp-content/uploads/
231 KB
232 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-238.png?resize=696%2C414&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0fbe34f9c4b4783cb3b45274c2a75205e62bc32de391e42148d70aa32433ca11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 31 Oct 2023 16:25:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 15:43:55 GMT
server
nginx
etag
"4ae57b33cb3a17f7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-238.png>; rel="canonical"
content-length
236910
expires
Fri, 03 Oct 2025 03:43:55 GMT
3-8.png
i0.wp.com/www.adotat.com/wp-content/uploads/
115 KB
116 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/3-8.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b67d383f7bac5f276bf5457de4656e5a2d81397442ceab08fd3ab335ee352a2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 31 Oct 2023 16:25:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Oct 2023 20:58:49 GMT
server
nginx
etag
"615e61b0549ce751"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/3-8.png>; rel="canonical"
content-length
118228
expires
Sun, 12 Oct 2025 08:58:49 GMT
1-244.png
i0.wp.com/www.adotat.com/wp-content/uploads/
310 KB
310 KB
Image
General
Full URL
https://i0.wp.com/www.adotat.com/wp-content/uploads/1-244.png?resize=600%2C357&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5f6947decb8e60104ce7bcf6153c26fd6b83e4123bf81882e1ad86d2a09068fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 31 Oct 2023 16:25:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 13:58:33 GMT
server
nginx
etag
"69211ed1f34c3dec"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.adotat.com/wp-content/uploads/1-244.png>; rel="canonical"
content-length
317192
expires
Sat, 18 Oct 2025 01:58:33 GMT
generate_204
tpc.googlesyndication.com/ Frame 4752
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?t6By9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
services
sumo.com/
46 KB
6 KB
XHR
General
Full URL
https://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a0aa851f5faa664ac46fdb888f6c4640c5714f6d76f4cef1c9b7c29146008e6c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

X-Sumo-Auth
3wQhRG64Ch9wDZDXx426qRKo
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 16:25:23 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adotat.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2976133053671187&bg=!0tGl0Z7NAAbo5yKYyOc7ADQBe5WfODdsBMI2NARGPuplMShwtQp_EogFULFNJlxURkD38SwakIN7Pl-LZPNbmPw9P7nQAgAAANBSAAAAA2gBB5kCtzitPpKN6jqH-_eALqOaZhCsjjXa0wkkIEjyafkcvmrn2QmjPaNR2l2kFvhoPNQg47jKXvZJdvKyEeh94cwWxMr-koXk8YsG7pnA1qLFA_dQddqjJHm9PZnkSUE_xUnAbWJt8TDRR3Hn7elva9-OGb-OYOXMUhZX-jepbn6w6wGXYNJuZIBOk-TVTmXsWxPxmPe0zKwtx5d7Z1hQoOtQm3NcSXdWRUFCFESk3TjQdxuyHZds0s49C7Y2Gag1xlFGbwibFrVLkIQzYuVxV2CMbs2rNufOE5_sih_U_F5TWMWlVPRKR0xD_2_6LpAWGOYX8ZW6V-wnStnuh_dDqEFwfFddKz1NtIuLyxFdCerQZvpDQgfYZ6HMC6xCO_5TX5898aWU0tsM4-evi9dGajBkmufoaAFVpbjAH3RviV-dH9xLWyCrQjkf1I_QHg3tZCp8eCaWm2DI8RXWP2aMw7T5yNRNu2IEEgi8ik8YSgPQuVhc0mPwgxMgbskvlwZGxlinsaHUcfzu4j30bspKU4VMDjQVEgbH_Etx8VAm_0iz9iWucuWggaP6u65YwWaVQiwGc05C_KE9MYD8IR-NH347h1vlmL6pIcz4mA2BPLb6ne3ZqOpmJtswtDOLrothCCM9Q0TQR4Kwo0qdlm6IU4mgAgyGsgsv5gE8y-l29F5fLyDdQQkU72AHUziJZ_b873jjExv2XiRecRObHZeoMTwQXnfoaQR-5dvYnsXKjujEIeSQw-DCUw7tIR_soLuz6cOy-aP1oSs709y43H7WZYPNDDVWQPfzo-_mrVCoHW-oyBWRAUBikPU4uzFu1tLPFSr93UMB61aEnFPz_A20tPtxuDn8NCfVp_17jMadP0_bKsTPMAuMUD-7RyRgFzRLT-mETrVh1bJ-NzB75GK4V84N4OJpFostUPeo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

services
sumo.com/ Frame
0
0
Preflight
General
Full URL
https://sumo.com/services
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
POST
Origin
https://www.adotat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://www.adotat.com
access-control-max-age
2592000
date
Tue, 31 Oct 2023 16:25:23 GMT
server
nginx
7.0a035390359aab65eb82.js
load.sumo.com/
97 KB
34 KB
Script
General
Full URL
https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
6556JDXZW8AN2YNV
cdn-cachedat
08/01/2023 19:55:10
cdn-pullzone
53731
x-amz-id-2
cSUMWfK1WSpDwfk1Ts7bzDlPEW2XyFxoF6OWJezYiEehsSRchfIhZEPax52J+5vxI3XyrXtZRhc=
last-modified
Wed, 05 Oct 2022 16:49:48 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3fa9c18f727d4b42fb894fda90a374e1"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
918ed19c42d8c9e203fe15a4e2075869
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4.0a035390359aab65eb82.js
load.sumo.com/
5 KB
3 KB
Script
General
Full URL
https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
XPQK36ZER9CRKS11
cdn-cachedat
07/07/2023 01:47:30
cdn-pullzone
53731
x-amz-id-2
mTOZvT+dViFEnXbdMieeIDxf0x24WT/uSdiD07sBGMn9LykYofikgvDE4pImCCIDh6WUqbyXrcU=
last-modified
Wed, 05 Oct 2022 16:49:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"a39d043b7c7bba70750cf288ee5ef71a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
b0ecaac38c2b5c835a832ac0c3f32fe0
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
2.0a035390359aab65eb82.js
load.sumo.com/
3 KB
2 KB
Script
General
Full URL
https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
XPQM4KE27F1PV1RK
cdn-cachedat
07/07/2023 01:47:30
cdn-pullzone
53731
x-amz-id-2
oA8LQN3Tk/ne2zEnCJcTDIXVqtH0lmXgqdnClhbLqUrZ7AoJhtGig12OgATcN4TrCkSO40O6SCY=
last-modified
Wed, 05 Oct 2022 16:49:10 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"6bfdf1ae8492f107706ac037915be663"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
3f1351d3e2b2f2d4ad96fac97042181a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
10.0a035390359aab65eb82.js
load.sumo.com/
11 KB
5 KB
Script
General
Full URL
https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
XPQY5KZM19H9N2EA
cdn-cachedat
07/07/2023 01:47:30
cdn-pullzone
53731
x-amz-id-2
seuQMDfJmqhHAlic6XiyJ4hVPQujxdUHubwd+ZhchYqZFdd51kzaghRFiM11t3gYmD58vzM+KNA=
last-modified
Wed, 05 Oct 2022 16:48:57 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"fc263e7087822a0b00ff93677d6df4ea"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
2ed86c31d6f81bbbb0d79d90ed57cdcf
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
22.0a035390359aab65eb82.js
load.sumo.com/
92 KB
25 KB
Script
General
Full URL
https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
PQQBXF8WXVX9X2EZ
cdn-cachedat
07/07/2023 01:10:26
cdn-pullzone
53731
x-amz-id-2
irVg4hjWiANPv68QkQboAQiwpeyFydpGds+oixAV97BR2fr/wIxSfvdoMo3ggEkMwbf62jAfgAI=
last-modified
Wed, 05 Oct 2022 16:49:12 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"8af82c4c30a069f66de02526c2f332af"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
68891f5422eb763a5967cec0778ecf5f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
23.0a035390359aab65eb82.js
load.sumo.com/
329 KB
94 KB
Script
General
Full URL
https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
RKQZQ72VFQMDKFPM
cdn-cachedat
08/01/2023 19:55:20
cdn-pullzone
53731
x-amz-id-2
BwiMkm/NrNe/oG+SEc1gZv5tpb4dLpnrRMkQQWrblkEy+u4k6dyVJj1CS5kSMpDq5pTg6Pefv3s=
last-modified
Wed, 05 Oct 2022 16:49:12 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"be0b945be6cafa91f6fd4efdfc8268f8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
9cb46375506a8883ab11439a7c23e09f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
21.0a035390359aab65eb82.js
load.sumo.com/
179 KB
51 KB
Script
General
Full URL
https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
C84PNVNQB66PCZG0
cdn-cachedat
08/29/2023 11:03:01
cdn-pullzone
53731
x-amz-id-2
ENE2TCqG376TzQkN1MMQaDsoDM44TulVnj3fty3yhkgq5APg+ofa21zsAF6x/yL20mKJRIov3B8=
last-modified
Wed, 05 Oct 2022 16:49:11 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"beda094dfc3b530efd0d2d83c5a0280c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
bcb2bb586bd2d8bf65a30832837d2a20
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.0a035390359aab65eb82.js
load.sumo.com/
5 KB
3 KB
Script
General
Full URL
https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
3WHT15W2TJWFMKM7
cdn-cachedat
07/07/2023 01:47:31
cdn-pullzone
53731
x-amz-id-2
VZjr0K5Y8SUXWSYHQImuxYw+Exhyj1Kyjsa9lNkbyPzFc1SQBSWWHUm8YElx+Sw55wP8K1fK+xs=
last-modified
Wed, 05 Oct 2022 16:48:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"31baf056af3800bbd6e4f9e8b445d052"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
afb9deffd21079223856acd9d6b10e5b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
96.0a035390359aab65eb82.js
load.sumo.com/
1 MB
80 KB
Script
General
Full URL
https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
FGD5RPGRC3BGBDEK
cdn-cachedat
09/11/2023 12:27:01
cdn-pullzone
53731
x-amz-id-2
UpcBLDSJ2/nt7VJUhvVTsNiESr/KW7DMcj3w6M4CFBg4maYnRNBFWy/9sHzrMmwOjzSxxf/VGuI=
last-modified
Wed, 05 Oct 2022 16:50:09 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f33273f5c8e8dd3d010a11b209891b91"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
58e37fc5b863e09e7757dbf9021fda18
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
97.0a035390359aab65eb82.js
load.sumo.com/
221 B
994 B
Script
General
Full URL
https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
NTJQ2GV1WNAVQPSR
cdn-cachedat
07/07/2023 01:10:27
cdn-pullzone
53731
x-amz-id-2
JTXCpCcTcTU62ExaMwtO9D+T6wK0UGb3w92rrh/k+tTFJglllrHjGxgzyla2oCOLZVrlfFqI940=
last-modified
Wed, 05 Oct 2022 16:50:09 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"857476cf6e94c14c223d4481353b4c19"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
4dc0ff8345707b0d5ae97fa8c968eede
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 14:51:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 16:25:24 GMT
features
sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/ Frame
0
0
Preflight
General
Full URL
https://sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/features?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
GET
Origin
https://www.adotat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://www.adotat.com
access-control-max-age
2592000
date
Tue, 31 Oct 2023 16:25:24 GMT
server
nginx
features
sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/ Frame
0
0
Preflight
General
Full URL
https://sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/features?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
GET
Origin
https://www.adotat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://www.adotat.com
access-control-max-age
2592000
date
Tue, 31 Oct 2023 16:25:24 GMT
server
nginx
features
sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/
3 KB
1 KB
XHR
General
Full URL
https://sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/features?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Sumo-Auth
3wQhRG64Ch9wDZDXx426qRKo

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
gzip
server
nginx
etag
"-362431178"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adotat.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/
3 KB
1 KB
XHR
General
Full URL
https://sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/features?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Sumo-Auth
3wQhRG64Ch9wDZDXx426qRKo

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
gzip
server
nginx
etag
"-362431178"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adotat.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/
3 KB
1 KB
XHR
General
Full URL
https://sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/features?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Sumo-Auth
3wQhRG64Ch9wDZDXx426qRKo

Response headers

date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
gzip
server
nginx
etag
"-362431178"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.adotat.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/ Frame
0
0
Preflight
General
Full URL
https://sumo.com/api/site/9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b/features?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
GET
Origin
https://www.adotat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://www.adotat.com
access-control-max-age
2592000
date
Tue, 31 Oct 2023 16:25:24 GMT
server
nginx
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
425345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:16:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
425345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:16:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
425345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:16:19 GMT
css
fonts.googleapis.com/
14 KB
867 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa4a24934e267242231a14021b1fcd6cad62ee5425e7732d000db9b89c62920a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 16:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 16:22:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 16:25:24 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/webp
/
sumo.com/api/event/
2 B
145 B
Image
General
Full URL
https://sumo.com/api/event/?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b&app_id=156085c5-0017-4150-b225-a731ad248f38&shortcut_id=&visitor_id=887b18ff2ab5d35b766d19a9885797a9d8e1bc4d4ec6683ceb89e8fb4ecea5d7&event=popup&href=https%3A%2F%2Fwww.adotat.com%2F&ref=&cache=0.8468754151086537
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
server
nginx
etag
"-684271315"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain
x-robots-tag
noindex, nofollow
content-length
2
/
sumo.com/api/event/
2 B
145 B
Image
General
Full URL
https://sumo.com/api/event/?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b&app_id=156085c5-0017-4150-b225-a731ad248f38.58121e8457d6b061127599210e5e40d19302fb4c3c7a0d9378e950610ab15e4e&shortcut_id=&visitor_id=887b18ff2ab5d35b766d19a9885797a9d8e1bc4d4ec6683ceb89e8fb4ecea5d7&event=popup&href=https%3A%2F%2Fwww.adotat.com%2F&ref=&cache=0.9157487128355011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
server
nginx
etag
"-684271315"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain
x-robots-tag
noindex, nofollow
content-length
2
/
sumo.com/api/event/
2 B
146 B
Image
General
Full URL
https://sumo.com/api/event/?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b&app_id=156085c5-0017-4150-b225-a731ad248f38.8b2d413184141d00af452340ff14dda84d7c3c3ac63dcee8fc9b02ef337fa813&shortcut_id=&visitor_id=887b18ff2ab5d35b766d19a9885797a9d8e1bc4d4ec6683ceb89e8fb4ecea5d7&event=popup&href=https%3A%2F%2Fwww.adotat.com%2F&ref=&cache=0.7309076235370091
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
server
nginx
etag
"-684271315"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain
x-robots-tag
noindex, nofollow
content-length
2
/
sumo.com/api/event/
2 B
145 B
Image
General
Full URL
https://sumo.com/api/event/?site_id=9c327676e3b01a965a0ca918f7361b7e087d36a9ab2664df372be1a87ef9961b&app_id=156085c5-0017-4150-b225-a731ad248f38.58121e8457d6b061127599210e5e40d19302fb4c3c7a0d9378e950610ab15e4e.8b2d413184141d00af452340ff14dda84d7c3c3ac63dcee8fc9b02ef337fa813&shortcut_id=&visitor_id=887b18ff2ab5d35b766d19a9885797a9d8e1bc4d4ec6683ceb89e8fb4ecea5d7&event=popup&href=https%3A%2F%2Fwww.adotat.com%2F&ref=&cache=0.03616158301071515
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
server
nginx
etag
"-684271315"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain
x-robots-tag
noindex, nofollow
content-length
2
4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/
586 B
1 KB
Image
General
Full URL
https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
PPGSPXJ4CB822RV2
cdn-cachedat
07/27/2023 06:00:41
cdn-pullzone
50990
x-amz-id-2
i+OJvTxTtFPPIuMXAEI0jE7lqRfQ2FkWrcAJP7nCJePI7OEyqbfOcbR9nUKO/8kAwoJ1PT8RitA=
last-modified
Thu, 11 Aug 2016 16:48:17 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f34cd1622df767b055f9b6ddbe5edec0-1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
075c75591da7ccbbc59317655d2229b1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/
586 B
1 KB
XHR
General
Full URL
https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.adotat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
PPGSPXJ4CB822RV2
cdn-cachedat
07/27/2023 06:00:41
cdn-pullzone
50990
x-amz-id-2
i+OJvTxTtFPPIuMXAEI0jE7lqRfQ2FkWrcAJP7nCJePI7OEyqbfOcbR9nUKO/8kAwoJ1PT8RitA=
last-modified
Thu, 11 Aug 2016 16:48:17 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f34cd1622df767b055f9b6ddbe5edec0-1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
76da3f715c58d8744acbaa0507fece7d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
transparent-crown-dark.png
sumo.com/client/images/apps/156085c5-0017-4150-b225-a731ad248f38/
16 KB
16 KB
Image
General
Full URL
https://sumo.com/client/images/apps/156085c5-0017-4150-b225-a731ad248f38/transparent-crown-dark.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c024d047b5bcef31ab5886884da5108a1241b2d4f7ff1301d8b43225c1ca97a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
last-modified
Thu, 12 Oct 2023 20:58:42 GMT
server
nginx
etag
"16228-1697144322000"
content-type
image/png
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
public, max-age=0
accept-ranges
bytes
content-length
16228
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 01:27:02 GMT
x-content-type-options
nosniff
age
313103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 01:27:02 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.adotat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 09:02:56 GMT
x-content-type-options
nosniff
age
372149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 09:02:56 GMT
sumo-convert
micro-cdn.sumo.com/image-resize/
70 B
405 B
Image
General
Full URL
https://micro-cdn.sumo.com/image-resize/sumo-convert?uri=//media.sumo.com/639a0dd54b363044a2c89be6a8e910aabded4dab6711dcbeb965d5bebb553f3f&supported=webp,webp.alpha,webp.animation,webp.lossless&hash=0fe2ac823195d86ec9cb1b6b59e5abf1c33a7b846a516f81bb22f26ad59f837e&format=webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 -, , ASN (),
Reverse DNS
Software
BunnyCDN-DE1-1081 / Express
Resource Hash
3018ad0e7b7ca1a60914a3b63052af28eb8a9cac6eb5a76a819f6093ecb936db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
cdn-edgestorageid
1082
x-powered-by
Express
content-type
image/webp
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-cachedat
10/05/2023 14:50:07
cdn-pullzone
31536
cdn-requestid
a769930fc6a40a7646d4dfd0fb6fbecd
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
media.sumo.com/
586 B
1 KB
Image
General
Full URL
https://media.sumo.com/4720b373859b04afd757651cd6d7fb201973415db9d188b41026f6b394d52c88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.adotat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:25:25 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
PPGSPXJ4CB822RV2
cdn-cachedat
07/27/2023 06:00:41
cdn-pullzone
50990
x-amz-id-2
i+OJvTxTtFPPIuMXAEI0jE7lqRfQ2FkWrcAJP7nCJePI7OEyqbfOcbR9nUKO/8kAwoJ1PT8RitA=
last-modified
Thu, 11 Aug 2016 16:48:17 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f34cd1622df767b055f9b6ddbe5edec0-1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
df94c61f93c2b7d6e8ff5f13c7073846
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture function| _0x5345 function| _0x4145f8 function| _0x5b00 function| cccc object| script string| co function| _0x46f0 function| _0x533a9a string| requestURL string| pars function| _0x35f5cd function| _0x5e75 undefined| io object| ajaxRequest undefined| $ function| jQuery object| googletag object| tdb_globals object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| block_tdi_56_941 object| block_tdi_57_79f object| block_tdi_58_019 object| block_tdi_59_99c object| block_tdi_60_89b object| block_tdi_67_419 object| block_tdi_70_155 object| block_tdi_81_455 object| block_tdi_86_16a object| block_tdi_87_880 object| block_tdi_89_e9d object| block_tdi_93_75e object| block_tdi_94_425 object| block_tdi_105_d16 object| block_tdi_108_850 string| ajaxurl function| sumo_add_woocommerce_coupon function| sumo_remove_woocommerce_coupon function| sumo_get_woocommerce_cart_subtotal object| _stq object| jetpackLazyImagesL10n object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch function| _ function| $f object| addComment object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| st_go function| linktracker_init object| wpcom object| sumome object| webpackJsonpsumome function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| sumo object| google_llp boolean| __smLoaded object| jQuery11020058822365660173626 object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
www.adotat.com/ Name: __smVID
Value: 887b18ff2ab5d35b766d19a9885797a9d8e1bc4d4ec6683ceb89e8fb4ecea5d7
.adotat.com/ Name: __gads
Value: ID=e80aaa7a66453579:T=1698769521:RT=1698769521:S=ALNI_MYvO7tV_AoDHLP7ll8RKtqyseiv1Q
.adotat.com/ Name: __gpi
Value: UID=00000caf8b57c3b9:T=1698769521:RT=1698769521:S=ALNI_MbiC9-vLHHYWs7ttA3GBjock_EOXQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnllf0aqCj_fcQ0LuoB7RctdFYgUU4UbFFuFWTLRK7SvL9jHtWwjNwM1SxX2jQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EBoBCQGoKoEA
.quantserve.com/ Name: mc
Value: 65412a72-881ee-e0b4b-8f5c5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22BF78298E-9B97-4B69-3C05-901870102CC4%22%7D
.simpli.fi/ Name: suid
Value: 098FC56607CA4831B34874923F28082A
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.8288837355630585205
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUEqcgAASy4eFAAj
.adform.net/ Name: uid
Value: 4645905423050119149
.tribalfusion.com/ Name: ANON_ID
Value: aUntuJON6Je8ZbUxralUAvd68yjynYlF949qZbRjQp0dewkrdtSAyWNi2ZaUVxRNeb1ey7iEi8BVZbTcSfRpeUUiikCk
.googleadservices.com/ Name: ar_debug
Value: 1
www.adotat.com/ Name: __smToken
Value: 3wQhRG64Ch9wDZDXx426qRKo
www.adotat.com/ Name: __smListBuilderShown
Value: Tue%20Oct%2031%202023%2017:25:25%20GMT+0100%20(Central%20European%20Standard%20Time)
www.adotat.com/ Name: __smSmartbarShown
Value: Tue%20Oct%2031%202023%2017:25:25%20GMT+0100%20(Central%20European%20Standard%20Time)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adotat.com
ads.travelaudience.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
ga.cdzanalytics.com
googleads.g.doubleclick.net
i0.wp.com
load.sumo.com
media.sumo.com
micro-cdn.sumo.com
net.promsmotion.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s.tribalfusion.com
securepubads.g.doubleclick.net
stats.wp.com
sumo.com
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
www.adotat.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.198.104.14
142.250.185.226
151.101.194.49
169.150.247.38
192.0.76.3
192.0.77.2
213.155.156.184
2400:52e0:1e00::1080:1
2400:52e0:1e00::1082:1
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2002
2a00:1450:4001:803::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a06:98c1:3120::3
34.91.62.186
35.190.0.66
35.86.95.232
37.157.2.228
80.66.79.252
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5be5604e6804ddbacb0e251c0f6aac6e049fdbe367be756e7c17342a0e8971
0fbe34f9c4b4783cb3b45274c2a75205e62bc32de391e42148d70aa32433ca11
1075526b3d9f07e27eb2ef79e165ccca9970f0cb5a77a8b6347fcad85dd21981
1153bb70f8594c328a50254b130c56088b24e9688c4543595459425807e6e99d
16b7c7f441c623eedcc806db07655a4143feb8f05ecf1c49f5eba0bf90132a85
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18d14ee19c67cdfe3bc746a4a323804d027ce84f457cd69960c853b53bc3692c
1bff2c83e2e70981f72f48c7648684b176e46113d58c0df4f903e460543bb1d8
264682fea3868f549a087af005b5537d6040a90c082dc6fd69eefa8444686723
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
27a38941d8ed4af80b1d181c61fb9acccae9f29626c893cc764eba51ef870016
27b5efafe2f176959d45529a57eea37ab34e8604e2b5cfab7a7327a09333e72d
2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3018ad0e7b7ca1a60914a3b63052af28eb8a9cac6eb5a76a819f6093ecb936db
311adc5adf4e44ed9bedb10def7562709f380bf34601cd6e57d61ceaf3cb12d5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
488206ff95931bde79adaae847e1eec866c9f9c5fb3a5b268b7d9a5182971bbf
497a3de479c9f1c91ce1f678d696fb5df8c584c901a0e6c5f399c71c7e1bbd7e
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5f0bf62bd714e1f430a9642534ec778fd2a2bcae81a38345a0adfc1a7cc674b1
5f6947decb8e60104ce7bcf6153c26fd6b83e4123bf81882e1ad86d2a09068fb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6346146449a783a9e3cec3c70fd8e8911dbaf780220425b792fb89e206b4c2fa
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
74ea19ef8fb4c028b8da98a44a912a217d9c6646f9274b139d07c806a87bb189
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
79c2cd9b1eb5eff6136c4016bbfd92e260bdfc8b3046c522f3544e27f2a41833
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c0eb210ca9d9770dd1e6fb58b73fe67f07f592487e0244a46477f41ae12332c
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
9023b221280f6d72ac0e8f7913271eb8a392dfb8a4f0ab9f29784c806d2af47f
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
9481f6302b1245cf3b7aa6521faaaf7af92b389a495b34241869f97a5d93429e
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b8a8f6a011ba6b0f0c157700106f1e5c7882f533bae40c98c28320dab68f2db
a0aa851f5faa664ac46fdb888f6c4640c5714f6d76f4cef1c9b7c29146008e6c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a622078bbb623e6c7cde7894ee075b4addd24968bc4aae2d69fe274babc50a99
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b1453b716454181a2a8b0ebbadbb82ac355dabfd9f3a8b8053c0a92ddeab64ff
b29391f44db52ddebb7ae1d081ffa0abbbc30ea0ac35311fb7509b1e33b2cec4
b67d383f7bac5f276bf5457de4656e5a2d81397442ceab08fd3ab335ee352a2e
b886e39c78e9ac77b6988f529b0d4ed5534bc44d2751789125890cbc965ecf5e
ba30d9e5f400066d039a41354ecfe1111e51a27a7c9ae4a61be9d170518e59d0
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd30e2ac234fe44599a13b38e0042a193954362aba717989f29a3dc40a9b9c74
c024d047b5bcef31ab5886884da5108a1241b2d4f7ff1301d8b43225c1ca97a1
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d8282c6a4c6ca3d158d75674d00345a50cee1cef971be4017cf4d15be8428f1c
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4225495f64e461d040dc2373bfb2a7ef8d069a500cae599034823fcba780855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea1bccd5bd591ef9692b2d24f3f10b79483b891fd217cd4e7d115e33c1fce4d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347
fa4a24934e267242231a14021b1fcd6cad62ee5425e7732d000db9b89c62920a