tambayanstelesereyes.su Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pinoyreplaytambayan.su/
Effective URL:
https://tambayanstelesereyes.su/
Submission: On January 21 via manual (January 21st 2024, 10:08:24 am UTC) from LU — Scanned from DE

Summary HTTP 272 Redirects Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 46 domains to perform 272 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tambayanstelesereyes.su.
TLS certificate: Issued by GTS CA 1P5 on December 26th 2023. Valid for: 3 months.

This is the only time tambayanstelesereyes.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:18d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.187.184.108 35.187.184.108	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 14	51.68.38.14 51.68.38.14	16276 (OVH) (OVH)
9	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	135.125.163.195 135.125.163.195	16276 (OVH) (OVH)
48	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 23	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:fb9e:de5f:307d:4267	16509 (AMAZON-02) (AMAZON-02)
5 5	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490	16509 (AMAZON-02) (AMAZON-02)
2 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
4	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	18.158.46.130 18.158.46.130	16509 (AMAZON-02) (AMAZON-02)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.195.130.181 18.195.130.181	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
3 3	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2 5	23.192.250.178 23.192.250.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	23.205.93.33 23.205.93.33	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2 2	34.77.79.66 34.77.79.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:26f0:480... 2a02:26f0:480:588::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.132.155.94 18.132.155.94	16509 (AMAZON-02) (AMAZON-02)
6	2.18.161.148 2.18.161.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.135.143.66 147.135.143.66	16276 (OVH) (OVH)
1	18.66.27.36 18.66.27.36	16509 (AMAZON-02) (AMAZON-02)
1	18.155.129.96 18.155.129.96	16509 (AMAZON-02) (AMAZON-02)
2	18.158.75.134 18.158.75.134	16509 (AMAZON-02) (AMAZON-02)
1	54.37.204.178 54.37.204.178	16276 (OVH) (OVH)
2	3.11.114.248 3.11.114.248	16509 (AMAZON-02) (AMAZON-02)
272	47

1 2606:4700:3032::6815:18d8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pinoyreplaytambayan.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tambayanstelesereyes.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.187.184.108 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 108.184.187.35.bc.googleusercontent.com

rtb.ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 51.68.38.14 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: f25.adventori.com

eu.adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.163.195 (France)

ASN16276 (OVH, FR)
PTR: f31.adventori.com

adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:fb9e:de5f:307d:4267 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.5.84 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.158.46.130 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-46-130.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.130.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-130-181.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.6 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.192.250.178 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.93.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-93-33.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.77.79.66 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.79.77.34.bc.googleusercontent.com

atlas.r.akipam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ibdhut.ltt-versand.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:588::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.155.94 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-155-94.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.161.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-148.deploy.static.akamaitechnologies.com

travel198849194933.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.143.66 (Montpellier, France)

ASN16276 (OVH, FR)

netzwerk.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.27.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-36.vie50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-96.cdg52.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.75.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-75-134.eu-central-1.compute.amazonaws.com

www.eprimo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.204.178 (France)

ASN16276 (OVH, FR)
PTR: 178.ip-54-37-204.eu

ht.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.114.248 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-114-248.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583	613 KB
53	tambayanstelesereyes.su tambayanstelesereyes.su	758 KB
41	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	115 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	336 KB
15	adventori.com 1 redirects eu.adventori.com — Cisco Umbrella Rank: 11505 adventori.com — Cisco Umbrella Rank: 4727	487 KB
10	moatads.com z.moatads.com — Cisco Umbrella Rank: 704 mb.moatads.com — Cisco Umbrella Rank: 809 px.moatads.com — Cisco Umbrella Rank: 660	116 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	38 KB
8	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 164401 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344	3 KB
6	moatpixel.com travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 62221	1 KB
6	travelaudience.com 2 redirects rtb.ads.travelaudience.com — Cisco Umbrella Rank: 132732 ads.travelaudience.com — Cisco Umbrella Rank: 5893	26 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	390 KB
5	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16092	3 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 875	5 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 583	4 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	558 B
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	445 B
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	310 B
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457	40 KB
2	eprimo.de www.eprimo.de — Cisco Umbrella Rank: 230444	3 KB
2	uppr.de netzwerk.uppr.de — Cisco Umbrella Rank: 241191 ht.uppr.de — Cisco Umbrella Rank: 127060	6 KB
2	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2467	1 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70130	645 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 69927	449 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	494 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	869 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 856	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 707	832 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	867 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	4 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 86865	491 B
1	ltt-versand.de 1 redirects ibdhut.ltt-versand.de	435 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	akipam.com 1 redirects atlas.r.akipam.com — Cisco Umbrella Rank: 243736	431 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 104015	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 80544	1 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738	98 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 89383	549 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	327 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7224	668 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2226	296 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	716 B
1	gstatic.com fonts.gstatic.com	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	802 B
1	pinoyreplaytambayan.su 1 redirects pinoyreplaytambayan.su	660 B
272	46

	Domain	Requested by
53	tambayanstelesereyes.su	tambayanstelesereyes.su
24	assets.ad4m.at	as.ad4m.at
23	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net tambayanstelesereyes.su
16	ad4m.at	as.ad4m.at ad4m.at
16	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com tambayanstelesereyes.su googleads.g.doubleclick.net
13	eu.adventori.com	1 redirects rtb.ads.travelaudience.com eu.adventori.com
13	pagead2.googlesyndication.com	tambayanstelesereyes.su pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	px.moatads.com	rtb.ads.travelaudience.com tambayanstelesereyes.su
7	static.criteo.net	ads.eu.criteo.com
6	travel198849194933.s.moatpixel.com	tambayanstelesereyes.su
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.awin1.com	2 redirects as.ad4m.at
5	pm.w55c.net	5 redirects
5	c1.adform.net	5 redirects
5	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
4	static-de.ad4mat.net	as.ad4m.at
4	ads.travelaudience.com	2 redirects rtb.ads.travelaudience.com
3	ad.doubleclick.net	3 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.eprimo.de	netzwerk.uppr.de www.eprimo.de
2	res.cloudinary.com	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	sync.teads.tv	1 redirects tambayanstelesereyes.su
2	um.simpli.fi	2 redirects
2	onetag-sys.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	adventori.com	eu.adventori.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	rtb.ads.travelaudience.com	googleads.g.doubleclick.net rtb.ads.travelaudience.com
1	ht.uppr.de	as.ad4m.at
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	netzwerk.uppr.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	ibdhut.ltt-versand.de	1 redirects
1	track.webgains.com	as.ad4m.at
1	atlas.r.akipam.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	id.rlcdn.com	googleads.g.doubleclick.net
1	banner.congstar.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	r.turn.com	tambayanstelesereyes.su
1	ad.turn.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	mb.moatads.com	z.moatads.com
1	rtb.nl3.eu.criteo.com	tambayanstelesereyes.su
1	z.moatads.com	rtb.ads.travelaudience.com
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tambayanstelesereyes.su
1	pinoyreplaytambayan.su	1 redirects
272	63

This site contains no links.

Subject Issuer	Validity	Valid
tambayanstelesereyes.su GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
rtb.ads.travelaudience.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
ads.travelaudience.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.adventori.com R3	`2023-12-26` - `2024-03-25`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
netzwerk.uppr.de R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
eprimo.de Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
ht.uppr.de R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://tambayanstelesereyes.su/
Frame ID: CE98AA06CE8F9D41B435A26BE425D910
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 018865807FAFFE5CB8E128379D5D2F76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&adk=318159125&adf=2184669829&lmt=1705831697&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831693642&bpp=3636&bdt=97&idt=3636&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7235112623397&frm=20&pv=2&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=3652
Frame ID: AE32542625F6C88130C1CCF14A387759
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&slotname=8770311031&adk=1293947800&adf=3598941429&pi=t.ma~as.8770311031&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697298&bpp=2&bdt=3753&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6
Frame ID: 477BB7992D5219E5FED22AC414CCB1E6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=600&slotname=6722979616&adk=2778862626&adf=2781308295&pi=t.ma~as.6722979616&w=300&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=300x600&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697308&bpp=6&bdt=3763&idt=6&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=8
Frame ID: 697114FB0CC02BA5B83A884A03FF4D69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&adk=2800534371&adf=4000651079&pi=t.aa~a.3829311201~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600&nras=2&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4
Frame ID: AD839DBA230738C4B6CB6AC7F0EB81BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7
Frame ID: B0B77B61D688FD6329729B8182E59C13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9
Frame ID: 71FD30B2955575843C04A2C9F2A42864
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
Frame ID: 23DAE48A880EAEB2D8693AA6E97E8A5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
Frame ID: 7A84955881EB2839E8E524E5769E7906
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaztEQAGFOkK7LOOAADGU-1ObGAh5nC3YZ_4Ig&u=%7C1ds09GL865RG1qCrPhe7HFrqjdaRAwy8G6Xw%2FQbnRHM%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG_Cp4ywXMF-ZN8S-DIhp2bCn7ZBkJ8CLplEX-mAUPrZdWYBQyx0P3FMnMBo9ZLTfk2YE1FJoVEX2SEZ9tntR1iVbVwe9QPMDKWMIM2u8c4tjKpN5gi5H9chFw2hqt11Aq8CFuaJo1xBpcOD6Oixwy0PdRuYr0AhGNJbunxQsHJzp4ZKISwEZnxllLKVRnDbLeAwHCBT4KJ6xFOWjz6lCu1BLYhgZDUC4MLHadk44MqUSrWzzBKmO6pECQN60Pp2TDe6l1sQeXZ0KjNn4SM8_bd5pO-OnsiCjHb70_pFi6JYVcptWxU9i55PRzufpVQ_bhm6ScRYyVIz4Rg4QccaT7NpLaYIpzwGfz6oQ3pKMkz8yoeLN6D5w8WBhz9-GnRQ1560M5GeewB-ZploltpM48KlZC-U2-mA7U8PZBPPkH65XRzcMTyyEreXb1dKdNAX8B4jwOboh13Hann3Ukho-rC783GeS5j_-FSCmmaisn5I3QBMPQgKcYcGUEVP_l7XyjxfT9ZpQ8IWqT3zPMUEjiD_CGRFdTgOLEaDc_qGgMVcTER4Ck7b_K1nsls0XhDbtqKnJmrA05Ripz8Q0o1S1P3gCpByH5ex2rSYpdYB9mDd7NRcbaktjLZbFwFpG5UozdvHpXjyh1I4KYTtHxTp_2SA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNM-tEe2sZempGI7nsgfTjIPoDsme0rFcvY6X93DAjbcBEAEgAGCV-o6CoAeCARdjYS1wdWItODg5MTU3Nzc4MDE3MDIyNcgBCakCnYpr6GVIsj6oAwHIAwKqBNQBT9DCXw6Z12jZmN1G_6muONqyPIFK0pTgfcTZrlIkCdj2B1saHUMPU7Wn4QCO0CfulfE0379HKDm9i3I-ek1zTYuYfQp4Nwt_QQr4ddck6owT6ZDrKpPYzfEVVgZ7vxC_jPFPD2Df58aZzDrPArsoCQKY943574MNtcMIyOVZHscpxxjKx0yHQFtfRx-wYyPMpPsXb_O9D5k3IupAzYvmSc_tjwpQJ5cFNOI7psv1D3MzxjR3djZUQCzPVUBjjlVn6s44OCNgNbLVwfS1cfC_6TckfUeABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk5P2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OhdjOuGdJiMJKDYpsKjI7BUsmUQ%26client%3Dca-pub-8891577780170225%26adurl%3D
Frame ID: 2A4700DAA4461EEC331F2DA2778E73AB
Requests: 12 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=
Frame ID: 583827242B4C8A92187428BE65863098
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: C03A9534F5BC2E3ACBD8110D32DA2BF9
Requests: 6 HTTP requests in this frame

Frame: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
Frame ID: AF8FE837EA36E4419547FDBE9291D9BF
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hf4m8k07yjv80cd6jkn96hg5qts0yp6qs9f134keck9z1ymd2fc2n92fd710s7zdtdxy6jvmdhbtz4az6w1d7y5nkmcefkn2f2ydmfs8xwbza6js1htnrfw7bwg3g16shd8sya4k7kdycxmazj7s6b7n97dvnhzx778nycndk7ben9egetcjsw0btax24jzacj8s658q2h16q5ct61t5z8xj9htnxt7hhtqx2q9e91zr5mw82qqfg85b4jchjdtedmqsr5tbe3fcv14w9e0gkzkx24a9nsss4rg41f3r3khp79w5tk178dcrz7yka5dqfgyj9mqw0n97fqt74zb28cbmr70yk77cdyw23zkxydgp42c5ba55p792f5zbaj2hha1mc2c291mrk1p0sfagpzvdw1qvc5d9e71rsenmges0rgpcgbgdpc8bdd9tqk2zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%26client%3Dca-pub-8891577780170225%26adurl%3D
Frame ID: 189CA034DCF9011E5DD7DBA4888386E3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: 3321D6AFA7461124D42BD75EBBE39C8C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 534098966A0C4C9BF387B81F6069AC09
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: E4FDF7A17C57231039F533F6DD9000D0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g4cbfbnwvhh5vw10j3dnhvpzcpxsfbd2xkcdjkq62pjhaepnfgfc7qfwy7q4t2x3j4kgqsrx45xbtpprhm4h3avh0xh72nnxrdbhnr4xna2ynvn7djbjqdbs0es8jqs43nsh2gj7a1a8h41c04cayjtr426n0ag1vq7p6xh2tv66wsnhab0byjtw2evmf2c1kw7vyr3pfa2f68bphebnxmj4pskd3faj7z27mqdxa992s58arcm232a9damngzzfbmkhg0q26vdzfrxqcq44s0b1sy02wy8f0bf8d1cyxny6va1y61mq21w4trqsfwgwm1d3pm0eee714yf6cvk1796nyvnhcbjzmfqjwakg15nxn3kkqq4gh38rajn0fm5svbx139gcmnf9b2cqptw7hedhf4zxmvh19z0pvvqdhaxtacw4cma5cn5zyr3pv6bc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%26client%3Dca-pub-8891577780170225%26adurl%3D
Frame ID: B0A5C69A6F4F26AD62B6C489836365C1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: FE2730A69C4F54DD4811613127B434FA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57A1FDF7D29F8ED69965F7120363915A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1keprbm4yq7xysgew703s6d364zrtvx11htb17s5m23mskx663pmzdc96jc2me9mqmcce2pfy89mdpag4fcyysab1rhfz85ps6jfetd9yjrm0n3v99epd906hzxds237mhp1xv4s40awt8aqf29bhg6fe7wddgzzt3fr7p5tbyevg35m74j75t9fexb7p7c70w22sfmrrzq283e79gtnvaq79crvrckmx8exzwm4979sv8zb815y3b9f4g7wn4kq18ha512r0r1s8thbav1cytrs1y9zc36d8rwx5dv4mxj79mpr8452fbxnx55a7zp7c312svxn3cbp8awebskj2srjw6mbsgf7550fcetav7xerjynab8x6bh1p27h9gcrw0vwc0ebsns16wv9rksndpgyed7cwmhg45sq5yybcv9ghnzatcb4r64cq711w3fgwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%26client%3Dca-pub-8891577780170225%26adurl%3D
Frame ID: 497C6582982A4C18771F036E3419700B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: C386373425D587A8AF4C18C5A3BA7239
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DCC436DD040E0EACE88C27D73A99F5C9
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 51951B0C81AF0903EA44F5A46DA7DB7C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 5E8D12BDF5BB1E0519F170AA1DE43544
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hag7hnbvpmecya2txzp88gfj67hyb1yfsvgznwnzm4vz3w8765d1ztq4p0524c5pz4sp2enp1s8751dzrqfpj8mhcr8wdrdq006362e9gn226t82qp1sj67srsv9x4wc20wq9sazh91xg0xgrz58mp4c366jgbxa9veg678eqq16s4fjqvj15gv15w95ed4z9ze1r2r4p90btkfk5abrx87nqnaya8pffenk15pn8whyzn7c05m7fmnh4y11t9g9h5c0ec2xez1evadabzpnxy3g7cxbwqnvkjd0xw7yx05gx4etpwwt0jbw51tba1vmpz3d2qt62hptk0tdjmg0ynjh0jsxqmptrm8kct8xc1zer1304nr9r3tk7wsv99gy8scsqg3tt4fzt9j9m5m5tqetqgfkf8ajk90wpxxt6hgccrfj9vsnm9ds5zcae1w4r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%26client%3Dca-pub-8891577780170225%26adurl%3D
Frame ID: 15068C3A15B4AF2B5CA2DA8EDE875C5C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: A0ACD8B964DD17F71C850BA7CC544315
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F9183B2F88FB72A3F21D2428DEF582D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Frame ID: E9D61B5B2B0192034867174DF497D34B
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Frame ID: AFBEC71C77AB8BD01CFDE99B29474CDC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Frame ID: F7BA2C87E6640290B2D1035945591C48
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: D83BA34C51CE5E5ABA7634E11081388B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Frame ID: 2AE52C2439FB1C251F4D2491BDE2B615
Requests: 12 HTTP requests in this frame

Frame: https://www.eprimo.de/postview?hp=8000001991&pvid=65aced12141e30d18a7bbb83&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: 600B55C5E7E0CC725BEB2EE375BE9964
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD972AC7FD9CFA5616F796CD7C47FEF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A733D3A0A865C9949E9B5096A540A5EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pinoy Tambayan | Pinoy Teleserye | Pinoy Lambingan | Pinoy TV

Page URL History Show full URLs

http://pinoyreplaytambayan.su/ HTTP 301
https://tambayanstelesereyes.su/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

272
Requests

90 %
HTTPS

42 %
IPv6

46
Domains

63
Subdomains

47
IPs

9
Countries

2975 kB
Transfer

6326 kB
Size

38
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pinoyreplaytambayan.su/ HTTP 301
https://tambayanstelesereyes.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTo6MTYweDYwMDpBMjYxM0FCNC0yRkEyLTQ3MzgtOUVBNS1BNzhBNzFDQzdGMEE6MTA6Ojo5MDAwMDowLjE4MzExMTk5MTk0Njg5MjE4Ojo6Ojo6MTowOjo6Ojo6OjEwMDA0Mjg6MjoxOjo6MDo6MDpERTo6Oi0xOjpaYXp0RVFBR1JyOEEtUldnQUFFN2tPR0VsZW9fSFlhbzJNVnFKQTp0YW1iYXlhbnN0ZWxlc2VyZXllcy5zdToxOjE2OTg1NjA6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTc0NmI4OThjZjYtbnQ0ZHI6OjotMTozOjo6OjdzT01rMzJvMUtOcWIzOFkyTXNBMHc9PTo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06NjAwMTU2Mjc6NzAwMDMzNTk6OTk5JTJjMToyOjQ6NTAwMDAxNTQ6OkVVUjo6Ojo6Ojo6Ojo6Ojo6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTpFVVI6Mjo6Ojo6Ojo6MDowOjowOjoxOjo6Ojo6OjEAaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DRjE0aUVlMnNaYi1OR2FDcjVMY1BrUGVFZ0FQS2tiWDdjdFBpcGM3UkNzQ050d0VRQVNBQVlKWDZqb0tnQjRJQkYyTmhMWEIxWWkwNE9Ea3hOVGMzTnpnd01UY3dNakkxeUFFSnFRS2RpbXZvWlVpeVBxZ0RBY2dEQXFvRTB3RlAwQkV2SFMwZmV0Nzc2LTZHcFY2dVNUc3hfS0tLV1FGOXBRLS14TU1DajlrT0hVUEJjR1lEY1ZDbGJkZnNJUUZrNHdfZlNuLVo0TXBHS0k0UWxqaDR3RkYxZHZSMzB0UmRJQmtsMzdUYTgwY3F5WmhMZnpPUTdzYTFZZ01JZXVtaVhzU2s4bXdUbVNfZUNDNUtZbWtIRlkwYnkyVXdyWTNHWWVjSllXdGtFTDc1NGd4RmpKYlJvTGQ5OXZkcHpqSFotRlNYVlFYcl84NmdoTk1ueDV2SXFRdU9nRy1oTFF3YlhhbUJWVy1tbjhOZ29FYUJyZ0Q0SXJDaTFuMTI0bEg2aldlX3ZOZmNDV1FVZ2lLdlAwc2FkVmZLZ0FiRjhzamM4cTNtcGdxZ0JpR29CNmEtRzZnSGx0Z2JxQWVxbTdFQ3FBZURyYkVDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dkQ0lEaGdCQVFBVElDcWdJNkFvQkFTTDM5d1RwWWwtdjJvcDd1Z3dQNkN3SUlBWUFNQWRBVkFZQVhBUSZudW09MSZzaWc9QU9ENjRfM2l6Y1I1YzBHb21OWHRIN1NxU0xQTWhYNEJNUSZjbGllbnQ9Y2EtcHViLTg4OTE1Nzc3ODAxNzAyMjUmYWR1cmw9%26redirect%3D HTTP 302
https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTo6MTYweDYwMDpBMjYxM0FCNC0yRkEyLTQ3MzgtOUVBNS1BNzhBNzFDQzdGMEE6MTA6Ojo5MDAwMDowLjE4MzExMTk5MTk0Njg5MjE4Ojo6Ojo6MTowOjo6Ojo6OjEwMDA0Mjg6MjoxOjo6MDo6MDpERTo6Oi0xOjpaYXp0RVFBR1JyOEEtUldnQUFFN2tPR0VsZW9fSFlhbzJNVnFKQTp0YW1iYXlhbnN0ZWxlc2VyZXllcy5zdToxOjE2OTg1NjA6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTc0NmI4OThjZjYtbnQ0ZHI6OjotMTozOjo6OjdzT01rMzJvMUtOcWIzOFkyTXNBMHc9PTo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06NjAwMTU2Mjc6NzAwMDMzNTk6OTk5JTJjMToyOjQ6NTAwMDAxNTQ6OkVVUjo6Ojo6Ojo6Ojo6Ojo6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTpFVVI6Mjo6Ojo6Ojo6MDowOjowOjoxOjo6Ojo6OjEAaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DRjE0aUVlMnNaYi1OR2FDcjVMY1BrUGVFZ0FQS2tiWDdjdFBpcGM3UkNzQ050d0VRQVNBQVlKWDZqb0tnQjRJQkYyTmhMWEIxWWkwNE9Ea3hOVGMzTnpnd01UY3dNakkxeUFFSnFRS2RpbXZvWlVpeVBxZ0RBY2dEQXFvRTB3RlAwQkV2SFMwZmV0Nzc2LTZHcFY2dVNUc3hfS0tLV1FGOXBRLS14TU1DajlrT0hVUEJjR1lEY1ZDbGJkZnNJUUZrNHdfZlNuLVo0TXBHS0k0UWxqaDR3RkYxZHZSMzB0UmRJQmtsMzdUYTgwY3F5WmhMZnpPUTdzYTFZZ01JZXVtaVhzU2s4bXdUbVNfZUNDNUtZbWtIRlkwYnkyVXdyWTNHWWVjSllXdGtFTDc1NGd4RmpKYlJvTGQ5OXZkcHpqSFotRlNYVlFYcl84NmdoTk1ueDV2SXFRdU9nRy1oTFF3YlhhbUJWVy1tbjhOZ29FYUJyZ0Q0SXJDaTFuMTI0bEg2aldlX3ZOZmNDV1FVZ2lLdlAwc2FkVmZLZ0FiRjhzamM4cTNtcGdxZ0JpR29CNmEtRzZnSGx0Z2JxQWVxbTdFQ3FBZURyYkVDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dkQ0lEaGdCQVFBVElDcWdJNkFvQkFTTDM5d1RwWWwtdjJvcDd1Z3dQNkN3SUlBWUFNQWRBVkFZQVhBUSZudW09MSZzaWc9QU9ENjRfM2l6Y1I1YzBHb21OWHRIN1NxU0xQTWhYNEJNUSZjbGllbnQ9Y2EtcHViLTg4OTE1Nzc3ODAxNzAyMjUmYWR1cmw9%26redirect%3D&tk_region=eu&tk_r=true

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIsVWCdse3T5gGVomBHhuJ4&google_cver=1&google_push=AXcoOmRqPfAlGOi_26bqubmeDnVTADI6ZCFwztpfwKPwajcs3y3gorxsDGgIZkqI_vwDxKi-doWemEOLtVg_qNqQmYddtZetzYp0hmb6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIsVWCdse3T5gGVomBHhuJ4&google_push=AXcoOmRqPfAlGOi_26bqubmeDnVTADI6ZCFwztpfwKPwajcs3y3gorxsDGgIZkqI_vwDxKi-doWemEOLtVg_qNqQmYddtZetzYp0hmb6

Request Chain 118

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOVc0QE4QXRaiR96aNmoHMU&google_cver=1&google_push=AXcoOmTXuKWLF8ZNZe7GaVM0Snu7tJV2_QwZCghVQVbnKxMYw7Mgymq-typFCkBzpxoVt9Ja_xH6maKYV3htjvHJRN4qNTlfxX94EAMZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXuKWLF8ZNZe7GaVM0Snu7tJV2_QwZCghVQVbnKxMYw7Mgymq-typFCkBzpxoVt9Ja_xH6maKYV3htjvHJRN4qNTlfxX94EAMZ&google_hm=eS02WmFlS3Q5RTJwSGlDSFpsdDFLN1BQTWcybXA1a01YSX5B

Request Chain 119

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJFvU0ErPWKvZa67kJcnipo&google_cver=1&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEYDYjE-92c_sW9MXa-Vjv9hPk HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJFvU0ErPWKvZa67kJcnipo&google_cver=1&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEYDYjE-92c_sW9MXa-Vjv9hPk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEYDYjE-92c_sW9MXa-Vjv9hPk

Request Chain 121

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMKn5YXTYAmh3e1jstXgC5Y&google_cver=1&google_push=AXcoOmQkj0_qGS_RbrgfzxA4TYV3_N7Pe6kHPYET8o1_-fTQLF2vzJ2U2Z9vricTQK7PgSVr8AGdUqs7o-OAVHb6D5Sf9naYT0Jxq1gC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkj0_qGS_RbrgfzxA4TYV3_N7Pe6kHPYET8o1_-fTQLF2vzJ2U2Z9vricTQK7PgSVr8AGdUqs7o-OAVHb6D5Sf9naYT0Jxq1gC

Request Chain 145

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cver=1&google_push=AXcoOmSGBkGa2kHGdWQUcILmj6G2F4-VmUrtEqIR7-_GK8z2ULznHPetL78I9W7SGtzlAS97pcAgoo5u0sx06Xw6MfdTkodifvxt0zN8YTolFqJ6wKp8IRHfCS5nSL7K65lzoVCSLQ0ByOwpCwKZDal2fj5VlA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cver=1&google_push=AXcoOmSGBkGa2kHGdWQUcILmj6G2F4-VmUrtEqIR7-_GK8z2ULznHPetL78I9W7SGtzlAS97pcAgoo5u0sx06Xw6MfdTkodifvxt0zN8YTolFqJ6wKp8IRHfCS5nSL7K65lzoVCSLQ0ByOwpCwKZDal2fj5VlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cver=1&google_push=AXcoOmSGBkGa2kHGdWQUcILmj6G2F4-VmUrtEqIR7-_GK8z2ULznHPetL78I9W7SGtzlAS97pcAgoo5u0sx06Xw6MfdTkodifvxt0zN8YTolFqJ6wKp8IRHfCS5nSL7K65lzoVCSLQ0ByOwpCwKZDal2fj5VlA

Request Chain 146

https://um.simpli.fi/gp_match?google_gid=CAESEHaI2JsjdAbGJmT1KfLWwyg&google_cver=1&google_push=AXcoOmQ-_wACaMkrkCo1Y_eQbDlxUhrhGRbAKj-PZIXCCak5qfRV3_xbNKY719GNPiN7T5nViKa4zjXPNeWKI9ls-eNLGA-Rbk1zayF7vcWC_xOi5GAKPl_4oacEMU-75XCuYg_RVtPN4fMNiXhpCoNICqXgag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmQ-_wACaMkrkCo1Y_eQbDlxUhrhGRbAKj-PZIXCCak5qfRV3_xbNKY719GNPiN7T5nViKa4zjXPNeWKI9ls-eNLGA-Rbk1zayF7vcWC_xOi5GAKPl_4oacEMU-75XCuYg_RVtPN4fMNiXhpCoNICqXgag

Request Chain 149

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGBCcoOYLt2F7VDwubWL9N4&google_cver=1&google_push=AXcoOmRIEoqxdu8hHl7de22PrtMYbJeF99TF3jcuA9AL5Oq-FxKHoR7udXENmZTB1kdaN7O3cb8_leMZ_6enNjkLYKaqhY1RTLuBliQt_QJaU2eskq4sK78tDWQRMAzwpWjeU4a5GGyV1ECVos-t1LyosN2rlKs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmRIEoqxdu8hHl7de22PrtMYbJeF99TF3jcuA9AL5Oq-FxKHoR7udXENmZTB1kdaN7O3cb8_leMZ_6enNjkLYKaqhY1RTLuBliQt_QJaU2eskq4sK78tDWQRMAzwpWjeU4a5GGyV1ECVos-t1LyosN2rlKs

Request Chain 150

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPGo4PXPYbzuNfGkHGhGTco&google_cver=1&google_push=AXcoOmStdnJmpLPgsZ-v9cLGHeNcmFRVA2k1HlotFNxWP2ABpFvaF3r0Ppl1JIxNXfQAs6ySAVo4GZQ99Rqr6nSmyLGlxnWGtxCrUk8SDDsG4XMulOtra0K7UCB_SiEeQbytSnms6Mc34D8yPGn8CAfFl20RGTwh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmStdnJmpLPgsZ-v9cLGHeNcmFRVA2k1HlotFNxWP2ABpFvaF3r0Ppl1JIxNXfQAs6ySAVo4GZQ99Rqr6nSmyLGlxnWGtxCrUk8SDDsG4XMulOtra0K7UCB_SiEeQbytSnms6Mc34D8yPGn8CAfFl20RGTwh&google_hm=kfzukQH4TZWa0cl2FsBvfSg

Request Chain 157

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKNra0OamL7bLrMexUenSAg&google_cver=1&google_push=AXcoOmSqP7QyV_U9u73Z4aw_6AFw93AJ6QluKtxKX5ntBTqIHvdBbVL4NDQRmQPawseX013Pp27wOmDnxzokXYgW1UM2BsUaED31iXB155VIAaKysuj8AfggFN4FpcM5O0-ZQKSgcN-naJOGEpvl0368MRxd-vQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAyODkzNjkzNzE4MDQwNDI4MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECebyhTjdWJ95lZwE9bRgHw&google_cver=1

Request Chain 159

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cver=1&google_push=AXcoOmRW1gh79bAPQ1hUO-hjsT-yCdg6hu3H0cbd3B6Z4Dy8wY5E-6xgd25_K5mn6VVKVi9c6INs3n2UL2H0MeavygSwJdp8-ud9Svz3fKPxJbnpPqN27PrQYTm-iMtgWiEGdZPYf94yTMdW5-7P6BoaaASw0bA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cver=1&google_push=AXcoOmRW1gh79bAPQ1hUO-hjsT-yCdg6hu3H0cbd3B6Z4Dy8wY5E-6xgd25_K5mn6VVKVi9c6INs3n2UL2H0MeavygSwJdp8-ud9Svz3fKPxJbnpPqN27PrQYTm-iMtgWiEGdZPYf94yTMdW5-7P6BoaaASw0bA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cver=1&google_push=AXcoOmRW1gh79bAPQ1hUO-hjsT-yCdg6hu3H0cbd3B6Z4Dy8wY5E-6xgd25_K5mn6VVKVi9c6INs3n2UL2H0MeavygSwJdp8-ud9Svz3fKPxJbnpPqN27PrQYTm-iMtgWiEGdZPYf94yTMdW5-7P6BoaaASw0bA

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEy0A2Mv8B4XQJxDpt1bxfo&google_cver=1&google_push=AXcoOmRx4PH3WpXDFmHmtNChiX4Dyk2whCSkp4H8_ABQDWmQ464P0I-CuAPYTb6LYOL0X07plQcZH4JkoXPE7pk_lzzAWzFBkcfR6P3xbV14fPuX_IpdTJ5A-1AG05d5m4j73KDOY6nBdpY9TyfBO22JJUr5nTk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF6dEVnQVA5dHdkM2dBTQ==&google_gid=CAESEEy0A2Mv8B4XQJxDpt1bxfo&google_cver=1&google_push=AXcoOmRx4PH3WpXDFmHmtNChiX4Dyk2whCSkp4H8_ABQDWmQ464P0I-CuAPYTb6LYOL0X07plQcZH4JkoXPE7pk_lzzAWzFBkcfR6P3xbV14fPuX_IpdTJ5A-1AG05d5m4j73KDOY6nBdpY9TyfBO22JJUr5nTk

Request Chain 162

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMZxhAiR3Xsle1qEFFQ8k74&google_cver=1&google_push=AXcoOmRzIAeQ_gp-7BMK4pYpmFR5n8sKxM765btE5FoiwoYF0E2bu6iGehvEaIguFIUIgw1wzW9tBUcRp-pRfv7AtmrtyRb_fLQ2TiWIN4BRp2aLTYLo2Nui9KUAdQ4XTo1beRddYLzaOm1FUDA1O7Td9HrwTk4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmRzIAeQ_gp-7BMK4pYpmFR5n8sKxM765btE5FoiwoYF0E2bu6iGehvEaIguFIUIgw1wzW9tBUcRp-pRfv7AtmrtyRb_fLQ2TiWIN4BRp2aLTYLo2Nui9KUAdQ4XTo1beRddYLzaOm1FUDA1O7Td9HrwTk4

Request Chain 163

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARbGlMLEYkJ4i5VUdvRWlA&google_cver=1&google_push=AXcoOmREvZK7epbCFwlGqmLToEHra9gUE-4bkzgL9sU7JbPy8rm7cgPxMNZAeKEQ5hSahGuD9gPRpFZSCBoZni_xEypXSQLsdgtwvqAktxonq1_LVQpO2dCOIx6e_0RXkJM_1SYPr_E9PQgJM-qjBXCKxeeiC3Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmREvZK7epbCFwlGqmLToEHra9gUE-4bkzgL9sU7JbPy8rm7cgPxMNZAeKEQ5hSahGuD9gPRpFZSCBoZni_xEypXSQLsdgtwvqAktxonq1_LVQpO2dCOIx6e_0RXkJM_1SYPr_E9PQgJM-qjBXCKxeeiC3Y

Request Chain 196

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCKoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCKoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705831698_ffdd3c81-b844-11ee-86b5-22356fe9f584

Request Chain 201

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE_SFGjoK2IoaVgYtCgKBRY&google_cver=1&google_push=AXcoOmS_o2zPsyRZqgDbWvbWbkIjnt01eFrF_5jJu_bu0xY0By85HG0mzm-aU4vwhxSfM8F2grsKemIVNOyrCarVUfSRR1ogjKSwbPX8eFEwBmvcdZzta7jHkUgBoRNNh7NvKS5JCGyx55mLf1B1wx4MkSAdkQM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEE_SFGjoK2IoaVgYtCgKBRY&google_cver=1&google_push=AXcoOmS_o2zPsyRZqgDbWvbWbkIjnt01eFrF_5jJu_bu0xY0By85HG0mzm-aU4vwhxSfM8F2grsKemIVNOyrCarVUfSRR1ogjKSwbPX8eFEwBmvcdZzta7jHkUgBoRNNh7NvKS5JCGyx55mLf1B1wx4MkSAdkQM

Request Chain 202

https://um.simpli.fi/gp_match?google_gid=CAESEABYEX03WKChN0g3FYdMnmA&google_cver=1&google_push=AXcoOmRPOYQIfviCmn55xJPsBxuO4XfP56EEsGXRzIqtgevPYWoXT-x3H_E_ifQSHbdzfEUiENJqp7lETexXn4HrLArTbxfTauta28xCw12c4Qma_6_vtFUW39H-T_N3HFCpEXw13Bq7Qld7VRRi_I9oZ06jKEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmRPOYQIfviCmn55xJPsBxuO4XfP56EEsGXRzIqtgevPYWoXT-x3H_E_ifQSHbdzfEUiENJqp7lETexXn4HrLArTbxfTauta28xCw12c4Qma_6_vtFUW39H-T_N3HFCpEXw13Bq7Qld7VRRi_I9oZ06jKEc

Request Chain 204

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKYuTyFvubvR4P2FxmMl5FI&google_cver=1&google_push=AXcoOmR6oX772cu0AcZaB7-GHm5Bf2hgimsk0qqxFZ4PFJo0sLSNskm30V0dItTq6aKMueGpeYEMB0Y6yQY2GFuCd3BBF0qCA2dvTJR5OduVb1XPazfegzUHAPxQKjI7duKSXByWtiJObdPk27-Rkau40IfzjQ0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmR6oX772cu0AcZaB7-GHm5Bf2hgimsk0qqxFZ4PFJo0sLSNskm30V0dItTq6aKMueGpeYEMB0Y6yQY2GFuCd3BBF0qCA2dvTJR5OduVb1XPazfegzUHAPxQKjI7duKSXByWtiJObdPk27-Rkau40IfzjQ0

Request Chain 205

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPevhuQ-WyDvF3GZCIghGQM&google_cver=1&google_push=AXcoOmTlZWUfy3NcP7KJvk-ldnEql0ABij4kdZtrKLISIz1-6fq071g5IoZDo4EF7EzPU4yzMh2muP9OhHxjavSnxPUpUlBnZd6y0jZ8aviTLI-VFrbdPUOsQETE3WJ6tuu5iZTINbVCIcasxmSVgxnkbrEElg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmTlZWUfy3NcP7KJvk-ldnEql0ABij4kdZtrKLISIz1-6fq071g5IoZDo4EF7EzPU4yzMh2muP9OhHxjavSnxPUpUlBnZd6y0jZ8aviTLI-VFrbdPUOsQETE3WJ6tuu5iZTINbVCIcasxmSVgxnkbrEElg

Request Chain 206

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBJh_cTpaWmb3PCBDWWiBgo&google_cver=1&google_push=AXcoOmQyNy9-Mp_OguPxydxAacJ9utvwsHNnxmHIGSKggRmhYFIkZ88V78JUEOkFawRjveBkyPPib2QvJQ3uGW_vQHSVFP49cmKgVG2DZaz-AqZ717pO2Za_2olJ_V5Kob0UtIoLS9RatsR1oMLjnlpc2HMTnD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQyNy9-Mp_OguPxydxAacJ9utvwsHNnxmHIGSKggRmhYFIkZ88V78JUEOkFawRjveBkyPPib2QvJQ3uGW_vQHSVFP49cmKgVG2DZaz-AqZ717pO2Za_2olJ_V5Kob0UtIoLS9RatsR1oMLjnlpc2HMTnD8

Request Chain 207

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKCS0FQRCaQMhM9GDediapo&google_cver=1&google_push=AXcoOmT-eEeR8qfg_TNA5-KdCMToCCgOeF5emPvh27te_VsXmqKrrOp_WZRMQVTqp7555ng00BlAqwo3CfVDkc2jv_Y5gffa7HfikcotS71ibBQ0vfxofcWYkcTbUGdPq2ZTyMIMgt8GJvna7tyvU4dlRs-X1Y8b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT-eEeR8qfg_TNA5-KdCMToCCgOeF5emPvh27te_VsXmqKrrOp_WZRMQVTqp7555ng00BlAqwo3CfVDkc2jv_Y5gffa7HfikcotS71ibBQ0vfxofcWYkcTbUGdPq2ZTyMIMgt8GJvna7tyvU4dlRs-X1Y8b HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 220

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 224

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3DviewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2024012111081892545119439X117663V1225131106MSviewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 229

https://atlas.r.akipam.com/ts/i5033452/tsv?amc=dis.blbn.455799.507632.CRTdfSkjn1c&smc1=oneidY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUroneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_75618/cr_18ae07cc-c288-557a-a8ba-b0ebf080864c

Request Chain 242

https://ibdhut.ltt-versand.de/ts/i5039242/tsv?amc=dis.blbn.455799.471580.CRT0GtEwW-T&smc1=oneidDGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phVoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_82470/cr_337dff5c-80dd-5d5f-aaf4-db7583b54d62

Request Chain 245

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTdoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1705831698_ffe61620-b844-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=

272 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tambayanstelesereyes.su/
Redirect Chain

http://pinoyreplaytambayan.su/
https://tambayanstelesereyes.su/

87 KB
12 KB

653ms
511ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bf6a4d3cbea9dadf404cd188f7958dc36138e448d6f90b800ea30ae036e98a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848ec1318f735b12-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 10:08:13 GMT
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtRq8ATWxzwI0Ow0lQzFXRkFn1Hu645Cms0V5yLIUk7DFUIJuqCvWyu6%2FNGw30%2FxGEOn6qA7ObS397nOoyaiTI7D65ZUbMd3dHheJumep4kLglvWPYXfeDzOGBJ7yJe%2FPru%2FYlrxs648mGKOiUdgsXsNHL0QFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 848ec1307b853c74-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 21 Jan 2024 10:08:12 GMT
Expires: Sun, 21 Jan 2024 11:08:12 GMT
Location: https://tambayanstelesereyes.su/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0AZsxDQyo%2B2G%2Fe%2FsFgM9462njwTRoemCRmB4XlGDoebN8wV%2Fl9hPH8pDkcqVU8Wflx4lQNVR1HZodCHko1yWu7E6fSu0RBDJBrlDt%2FjDDG8JyBWYB2PktWHfoCHh7KrpFBOAaYlkcMLLFSu3yStt1NELt2O"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 72ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891577780170225

Requested by

Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec353efd488fd717cd879488d52c1467358f6254d1b3520a3b2a3e1f61497b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Origin: https://tambayanstelesereyes.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51261
x-xss-protection: 0
server: cafe
etag: 5515152004586441152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 21 Jan 2024 10:08:13 GMT

GET
H2 200 /
tambayanstelesereyes.su/cant-buy-me-love-january-23-2024-replay-today-episode/ 0
12 KB 1608ms
1608ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/cant-buy-me-love-january-23-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85ZWXfmQ45FgUs4TICJuZGTGTVvOZhGFicZE0jSVJN7v15JOlfSz0leGiKE0VvcZFfmT0RbNdO8JgbjJd8kYRpD6wj3%2FXuM4gK07Xze8AwKN8eyGM7QBeIqGkR00KjwdSbjm4oiw%2F0rGJgCAL%2FzZ3MQZAUUKpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec134cbb05b12-VIE
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14418>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14418>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
tambayanstelesereyes.su/abot-kamay-na-pangarap-january-20-2024-replay-today-episode/ 0
12 KB 2520ms
2520ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/abot-kamay-na-pangarap-january-20-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7oVv9rdkr6Iu3CKHv%2BrP%2FleTqqdpS2lK45352vnXWZHDPtF9BdIRoVX0%2F6f8m9LyE2XLl79LGpBF5Rg74vCOfDvakyWrheFeQ6rDz9HBu%2FHkSpA8OXf980N3k%2BnxJvm8cnN7aiUXQOb2V6hFvY7aXOCq8jt7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec13539753ce6-CDG
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14339>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14339>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
tambayanstelesereyes.su/cant-buy-me-love-january-22-2024-replay-today-episode/ 0
12 KB 234ms
234ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/cant-buy-me-love-january-22-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB3A9f3KVIv0AbHDDt%2FfrBNdfC1ty77edQYMrblhSseEFdJlgQi7Sm9SqH04tbBhyeiDbbUpWizlmADLLPvloQeMD0JYrnWfT28NnNtAWjHxztXE6BpP%2F8H09Vt2m5ggRZZFuK8IeDwN5ejR6HytreadVNcY3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec14bdb573ce6-CDG
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14356>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14356>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
tambayanstelesereyes.su/batang-quiapo-january-19-2024-replay-today-episode/ 0
12 KB 2233ms
2232ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/batang-quiapo-january-19-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F5HdurRFI8KrslcLJHQaFD5wq1Y9iwGCsyLk3RIZVEEDu3GRYgkMDIVDPfd0sZ%2BJ%2ByZZ5OwdmU%2BunoO%2FVaDjGGtfIYPtjFAv4KrhAQ6MEfB7OnpbXdtR9GpHxj57IVU02ZAptUHhiud%2F7uMRJ2KF7FMZZSFPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec14beb7c3ce6-CDG
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14219>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14219>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
tambayanstelesereyes.su/senior-high-january-19-2024-replay-today-episode/ 0
12 KB 2336ms
2336ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/senior-high-january-19-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APWJPwVhCfJn67hdpejWY2hZDGom06EBRLe5qCHSxQOc7Uu7c%2BwAYMgL8HqhIYbwyz5rsSjDvtBjXud%2Fl07VtBienyT3Eagn5wWexzB9o%2FH8oHHEUm6M6j%2FI1IPrqmt34xgapDpfTEzcxLp6Ql6BlAlgKicCkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec14bfb9d3ce6-CDG
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14218>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14218>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
tambayanstelesereyes.su/batang-quiapo-january-18-2024-replay-today-episode/ 0
12 KB 2339ms
2339ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/batang-quiapo-january-18-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rU9J4nxM11s%2B%2BC7hvzibPxIUh%2BmMMeCcIjnL9ucBQVir1RFb%2FX7QK%2FGOppjmpaLyPvyOmb%2BtuaxwFkwDGG3XR%2FaoVYmWFH4EB62FOqp8QhJbTriZl73SNUPuOKgyhyrl3sAu9BkKriipd57k0noLHjeE1JqHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec14c0b9e3ce6-CDG
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14101>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14101>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
tambayanstelesereyes.su/senior-high-january-18-2024-replay-today-episode/ 0
12 KB 2224ms
2224ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/senior-high-january-18-2024-replay-today-episode/
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://tambayanstelesereyes.su/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7FfgqSnmqxCfqqg25AwYFqvILHHPVAdScaVkS7Lsw5%2BBCb5XA%2BisYWPmU6koh5ldgxcwuzoISUsiECRqrOSI0x2urN7tKMHN9%2BoPNGCiQRRYlFJWSsocAHe59YXvYlkBpLeWfglPjbeZrwbkcv4L58td0Z8yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848ec14c0ba13ce6-CDG
link: <https://tambayanstelesereyes.su/wp-json/>; rel="https://api.w.org/", <https://tambayanstelesereyes.su/wp-json/wp/v2/posts/14100>; rel="alternate"; type="application/json", <https://tambayanstelesereyes.su/?p=14100>; rel=shortlink
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ 402 KB
136 KB 76ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8891577780170225&plah=tambayanstelesereyes.su&bust=31080505

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891577780170225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47cec94fe363e95524640048dbb86edfe80e62e47958e880cbcad5745d70590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139607
x-xss-protection: 0
server: cafe
etag: 10723395494050985310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 0188 9 KB
4 KB 27ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891577780170225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 00:24:58 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 00:24:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.min.css
tambayanstelesereyes.su/wp-includes/css/dist/block-library/ 107 KB
15 KB 2562ms
2562ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 05:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjzYpKIPbk%2F4Us8BmtjKlEMVzVTnLhq%2Bgh8fdqJL2j%2FW0I8mOlr8dA44TkxeZ8QF4fO85H36q6LhaakeJOQzzmV6fmTSZQpGBNCQ4NQhaxIOhtjbgc8nqoBL2hbpGysH70oiisYWmsKT0eAkVX4qvVUDue7%2Fxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 848ec13579c63ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
tambayanstelesereyes.su/wp-content/themes/mts_magxp/ 72 KB
15 KB 3595ms
3595ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/style.css?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3925d45d3b8e8847401695160ae87e4a798d6064bc79be3b1ea7d2660ef5f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYW4gO3HR428uvH3gnv1aMr4a15Dyph2LDpoLhcqFQ9ho64VBh%2FqhqHNyieqE2ayoOwgUPef%2FUx6jiuPzmn%2BeH2uLHpZqrxChYUCTIA337udNTgjkej%2BK74FdALbjiyLBAzkrrfbJLU2ztyOMnAUFcqClDL3zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 848ec13579c93ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.min.css
tambayanstelesereyes.su/wp-content/themes/mts_magxp/css/ 30 KB
7 KB 2969ms
2968ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/css/font-awesome.min.css?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuBCNR04ZVb3%2FszEYBBRHtbv439TiZIqMfbcwpnDpp2PQLwuI2Y1R%2BX%2BdPsTbXToYWtiz8QvC1xhUroiJQKNF8AqtifTbdlrSOVYnUIHFSpKmDLqy1r0x94j3GuUql7js%2FfjHsDK0pWO%2BBY8lUkwZzO4Yo1Acw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 848ec13579cb3ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 responsive.css
tambayanstelesereyes.su/wp-content/themes/mts_magxp/css/ 13 KB
3 KB 2413ms
2413ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/css/responsive.css?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4707e53ba48629ebca1197892648e5abfda5bf5db2d7483e2ee63e753c1442de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7QCF2tDmJS3DyW7gYsiEuswEBE4yOXQ2tt2iyxJR4lUcKlOswFw1Gmy8GBXZlyz%2FqPR8MBvHK4CagRG2OHuRNGZ5xiCTI%2BgteDTXiQF%2BCDlThf3w6JbiigDEOEiKSCdymbMx4W3m8kN%2BAKUUMWZ5jRV1PnDVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 848ec13579cc3ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
tambayanstelesereyes.su/wp-includes/js/jquery/ 86 KB
31 KB 3347ms
3347ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2023 05:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxqfZghn98qopKthuEToD5Pbdvv4tGD0HTKw4bb7Y3PypgHxxZUwY5mlQo8zUl1%2FihJwFBGEPyGMRyiI5iaC4LQtolnZ3ZCX41A5Q1iH8KPzbx%2Fjxl7v7tF8aQAxE2AZ7mU%2FeukjTN%2BlGA5TkUhfK9zQwI2dhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 848ec13579cd3ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
tambayanstelesereyes.su/wp-includes/js/jquery/ 13 KB
5 KB 3425ms
3425ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry%2FO7x2FGA1g2jxmHhig9hrHpks4VmxyarinlqDJlGLbxAZbQ738BdWU18sC9qZSsQKFCmoU6DIIlr16TOcGWBsgyFn9gyih0fjoG%2BlzRIkCE2iDsxl0yiu9B8%2BWNlah9ZST6nqknglqmpCLOaLEneaPNmUffA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 848ec13579cf3ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 ajax.js Show response
tambayanstelesereyes.su/wp-content/themes/mts_magxp/js/ 20 KB
7 KB 2425ms
2425ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/js/ajax.js?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01fbfca65701c89f0ad9e73a5e3500b46e7663c01886a082565b867409b840bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OouX%2BrzuxI3kzIp4ZHO4lWRuwvnYLQja3Dy9icLmRHlQ7oESX879YoH7w12yNSVBFNqjkIh3YIMN1A8Opq5K5KkqoZNNAwwk0Yw%2B6PCGhZBCpBXnmq4FSfbSpKD2YFXUxhjoLyA6oUIuydtpdiZyhbCVYarogQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 848ec13579d03ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 785 B
802 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Armata:normal&subset=latin&display=swap

Requested by

Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e36246b8219bfd220ce1bc95e76230459591a6e52f21fa862e82155dbe2b0998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 10:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 10:08:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 10:08:13 GMT

GET
BLOB 200
OK d7038648-68cb-430b-943f-8b8e8f408b54
https://tambayanstelesereyes.su/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tambayanstelesereyes.su/d7038648-68cb-430b-943f-8b8e8f408b54
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 customscript.js Show response
tambayanstelesereyes.su/wp-content/themes/mts_magxp/js/ 9 KB
3 KB 3257ms
3257ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/js/customscript.js?ver=3.2.12
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cb0c98ca33dd9257fdc3004c9873488d2f45b2d24db368b5baf63294a2423b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uvhyb8sIJpU9MSM39vQyEToHwimYZPmZoxqua0TKG0bFkHaUzl%2FAGi8RXO2nI6N%2FlcmnNvcFK9%2FFFjWPanYz8u%2BhtrQA8V2yuPWoib0xbfNamB1szpC2BwUR%2FRZEaXWaRrcGoxe1sjnVpwHrY29aGwXSK1AlWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 848ec1361a9f3ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 sticky.js Show response
tambayanstelesereyes.su/wp-content/themes/mts_magxp/js/ 1 KB
846 B 3238ms
3238ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/js/sticky.js?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9740052f52197cc9bbfeb0eec75be6f0ca645314a921a481b7b2f061ad4b003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sunGm0ECgjL0OE1N7YmikItA14%2BfZGOVx5TLOo5vSUy3NFqojHGN3x2qJCRTX3u%2B%2FIV0wY3xiq51DVj7Ky%2BIs0%2BzcQ%2Bu7DbgZLssfqouedjO5WVqcfSfWAOf%2BajdiOta0VWuqUfxRPZ2sjQY9yPfasnhT7fr4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 848ec1361aa13ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 nobg.png
tambayanstelesereyes.su/wp-content/themes/mts_magxp/images/ 68 B
534 B 1784ms
1784ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/images/nobg.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Aug 2023 12:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDAKvqa7Qhzf%2FcjGZfx%2B5fgNMhKS2pf3kLeEmLvBKOWG2%2BT%2FK7PjoijcyshMrBCaJj%2Fw09CyNkzT6haz3KDP2krPpxyAJhfm9zhnagtuuKqIsBwaycgsRkPB%2B9rnZkyrhPdhNDYz94Ygo4danhzQAt5gqW1qTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c0ba43ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 68

GET
H2 200 gokvH63_HV5jQ-ENkzR2YWivmA.woff2
fonts.gstatic.com/s/armata/v20/ 11 KB
11 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/armata/v20/gokvH63_HV5jQ-ENkzR2YWivmA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Armata:normal&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e8c83d29dea6243470b9ee1b2a169991a71dfce32195d4b61d44e48058d3c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tambayanstelesereyes.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 15 Jan 2024 13:52:09 GMT
x-content-type-options: nosniff
age: 504968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10920
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:14:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 13:52:09 GMT

GET
H3 200 fontawesome-webfont.woff2
tambayanstelesereyes.su/wp-content/themes/mts_magxp/fonts/ 70 KB
71 KB 1931ms
1931ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/fonts/fontawesome-webfont.woff2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/css/font-awesome.min.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://tambayanstelesereyes.su/wp-content/themes/mts_magxp/css/font-awesome.min.css?ver=6.4.2
Origin: https://tambayanstelesereyes.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Aug 2023 12:08:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5gSoUHPlBcarbVNboFQoH%2BKtgPhcOfLa7fHIn69VE0%2BOtZyAnGsN2pOhv2vSjx6TmYbmbWKNf9VXDhTaHVtbTks%2FT5yzK%2Bv842trX3KORtZnlHYyMFhuYf%2F2CVGxMvppncKMFXJP4tWJqT2PK3eXiorADTprw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c0baa3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 71896

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE32 10 KB
1 KB 256ms
254ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&adk=318159125&adf=2184669829&lmt=1705831697&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831693642&bpp=3636&bdt=97&idt=3636&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7235112623397&frm=20&pv=2&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=3652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8891577780170225&plah=tambayanstelesereyes.su&bust=31080505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a89afcd794a4983a54db70307439068858e43334fe3e793b6467f63bc08426d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1088
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:17 GMT
expires: Sun, 21 Jan 2024 10:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8891577780170225

Requested by

Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23569f43eb13e8b8e63a39a7385238be9391a3e8124950922a5523f08cf0f5b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Origin: https://tambayanstelesereyes.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51271
x-xss-protection: 0
server: cafe
etag: 7733226907136402542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 21 Jan 2024 10:08:17 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 477B 39 KB
15 KB 428ms
427ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&slotname=8770311031&adk=1293947800&adf=3598941429&pi=t.ma~as.8770311031&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697298&bpp=2&bdt=3753&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f01a0af6a838a805c4d1d3062540b488ecd2b0300fd5d25c7ddc330f072044aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15566
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:17 GMT
expires: Sun, 21 Jan 2024 10:08:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6971 48 KB
16 KB 418ms
418ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=600&slotname=6722979616&adk=2778862626&adf=2781308295&pi=t.ma~as.6722979616&w=300&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=300x600&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697308&bpp=6&bdt=3763&idt=6&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fe9781c230bfc4a9b8e0e2ef045f68bff093555ee101b672d9244cdc9927b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16252
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:17 GMT
expires: Sun, 21 Jan 2024 10:08:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cant-Buy-Me-Love-203x150.jpeg
tambayanstelesereyes.su/wp-content/uploads/2023/10/ 10 KB
11 KB 1719ms
1718ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/10/Cant-Buy-Me-Love-203x150.jpeg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 018d47c21cbfc5e72ff5935d15d85a2b9267d2523b55fdf325876b1909090cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sat, 14 Oct 2023 14:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnQuLDfE5R%2BsgKj6mJcXVsoRiumJ7MGvV1jGLyzgTUjTLxj4gomGu6hUA0BoPW4Xx%2BSzQDOl0jNCs7OFufKKAe6TFh1MKPj6TI66%2BJtGHSrOPMHK0HzQNUsFtYUJPKrOgWFKTPPo%2BADmF4QLQ6e8uSTUSpb0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c0f3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10468

GET
H3 200 Abot-Kamay-na-Pangarap1-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/08/ 8 KB
8 KB 1737ms
1735ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/08/Abot-Kamay-na-Pangarap1-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c7ed97e33ce3ab7cb92fcfd00ce602bb4fc31faf7c11e715c6b73910066935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 11:37:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srGe%2FDOtaDfJgREbQgNsJ72FA9EFaWiMwpYrnc9BCr%2BmW8F2sRcF154%2BZfOFT6SwQoXOBt1MoNPDV2fbc5loR%2FmXoZSeqeRGQGIuvOaj30yXsPS%2BbstWXfHi2oTh%2BB7ayWM5FGIoq6DHWDzQTNevn1yirU5vtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c153ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8020

GET
H3 200 fbg-bataang-qaipo-203x150.png
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 57 KB
58 KB 1867ms
1865ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/fbg-bataang-qaipo-203x150.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648bdb48e379402c9c95a4234ee9fb93fa02bc547b77e5ed04610e4811810b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 02:23:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOws9hhYapWnBM1pl%2FbUUzI6g%2FUC658fCdrXcaWC2E5cWVftLdJJSn303Dr71FEK63zhANm1gDJ6sjRkqIbBaRRjVGAZrvYVVWJ9LpJDTNT0Zar64fokl22Ck61%2FQzNMnZ6Q6WMLo%2BkeOSJ1pUJlwKzgJnNZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c173ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 58733

GET
H3 200 Senior-High-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2024/01/ 9 KB
9 KB 2716ms
2714ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2024/01/Senior-High-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777bb6ff27612d220e678b822acb49a14ee20f649644fbb9fb1fa83fbf974fd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Jan 2024 06:22:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep6LBhZSOFdCypsewpulrZHdhKHaKSxtdt7btBaakUv6wrjVB%2F%2Ftk%2BOGnXPGTfN4x9Sci18GOJikfuiMTM0KFvuSv5b8WuYwBs0uco2GHXZSf9svjLhJOJpGcrySRvazMFrlAhCOYS9B8VAe5Vr69%2FsBSGk00w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c193ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9002

GET
H3 200 Kapuso-Mo-Jessica-Soho-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 8 KB
9 KB 1738ms
1736ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Kapuso-Mo-Jessica-Soho-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ad5ae81229da9bf23f212bb6573c8a45d62a4165fe560e09c5656c4748f792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:31:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFOlb0lIQ2581yO6qIvL4Xn1eThe7NyVxFijQPjgnlg33CPOWLVeEnS%2FpElpr%2BL%2BJhSMxRAmeIdxLvb3nQh82Ix7I2sDYdMtalyy3sdygofQ8E0G4%2FklgO0VWdr%2B0BQzxx6ygTlIlXeO5O%2F7slDM61iJLyAqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c1b3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8633

GET
H3 200 Everybody-Sing-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 8 KB
9 KB 1739ms
1738ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Everybody-Sing-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59003ff074b41d04e920874bab61326cb84b4235a07621b31474496bff5dc9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJR3feoNWdMw%2BWfLposqcNfafXB4BGfe0RSmxfwJ9EnnLWvEKjD40P1lyT3UWSMat9luVUnE4kMTfv9Eah73gk%2F19Tx5CNMCILEAkzEVJpIzGzpCu4lvjTmhGq9NMj4Z4%2BZjrOjQu%2BT2noiZPCVjkbwGI1tsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c1d3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8304

GET
H3 200 I-Can-See-Your-Voice-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 9 KB
9 KB 1847ms
1845ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/I-Can-See-Your-Voice-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f3c209ff4d95fb224af378c3b2fab59d6ae8b0d1cdfc2fcad8591e98b3624a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:36:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV9crVjHPhRu7egJMbemoGZSr8tjIMCyNmbFx1qu%2FsEQJMNScnONO9cOs75hkvwvsB7tMoYq7Go4BzyRS94gBc6sKkdMG%2BYSv9H%2BOoGLM9YcoEXBcG28h%2BI%2F7QLtZXg%2FhXEtxloEmg5u4XeFs%2Fign4XOkgqpmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c1e3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9178

GET
H3 200 Resibo_cleanup-203x150.png
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 54 KB
54 KB 1868ms
1866ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Resibo_cleanup-203x150.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d6f5368f2d13d71cc2aaa70158ce2647c09a196e9705c015fdd50bf8713ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:27:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NicpIHJbWrx3QtVj6xa%2B2g02fheRnfo5gozKOfVdmOm7uMlGwY85R83Wbzqp9tFwVOKPbz71qQwcYZJuZpAmUqPtR%2BctDFuG5owQgMkBJA4EOsv%2FY4%2BtjV3cwUUrHe3Jag2TEa9JWNvxz1mz3Nr3jKdlMnDwQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c213ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 55221

GET
H3 200 imgpsh_fullsize_anim-_1_-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/10/ 10 KB
10 KB 2736ms
2734ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/10/imgpsh_fullsize_anim-_1_-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80e55f89af85f4b661c29ab952db79607f1565c7812416a4c6619a28f78d787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Oct 2023 12:22:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwWqBihWbK3IzXVtdzJ8s%2FV1fqFoiLFox2BvxMUaIPFtR9O2Z2jNzjoHGA4C1fySGomYYAOak96G67PXOku0Ajl0rc6T1npkvK%2F1MYRwKk5npcMuWvEiwwPp5OIsbmMgqijKNwi6shlHICxl6fXCNa8hD%2FgLQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c243ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10020

GET
H3 200 24-Oras1-203x150.png
tambayanstelesereyes.su/wp-content/uploads/2023/08/ 31 KB
32 KB 2799ms
2798ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/08/24-Oras1-203x150.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f3aa73dbd3a611a2ea3a973ccb99b4ce6aaf19e7e04de5adb76b060f75ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Aug 2023 11:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlbFCEc61zH6iCVX0U%2FuS7afy7WWuVCZhjtVptZv8hDYQ%2BrQc3CP7Y6Bdx8QzifCJHzPKB9HizfJ8C0QwlEgwdACERcN7hSQOe6XJN9x5sqRzxTiuCEkmIyDFqlI4QEsMnkFBGYa8e%2FkB%2FB3ApjBqrGX%2B7tQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c263ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 31848

GET
H3 200 TV-Patrol1-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/08/ 10 KB
11 KB 1720ms
1718ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/08/TV-Patrol1-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35106f4af450ced7e266611f64909bf612fd6904a3a12380ed9cb75af99200dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Aug 2023 11:14:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEf9ZOsVzh%2F9oX3TREBdZ7ev7rCg20pV71qKyFiZlk5vCqfcjy5VcRHBUZFwwhL6yvy2IGujIGSC0Zey7rzMdiHaGdahi%2FAhIvMFsPlkMcw1hxxedCQT40Jr40zE9Nv5FITcolGlRcENiHsDgbHRkvpO%2B%2Fuz5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c293ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10702

GET
H3 200 BBL-Gang-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 7 KB
8 KB 2761ms
2760ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/BBL-Gang-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85150ba6c84a14583c068f48cdbac40bd951c7f4d51bf2ecc253a32bd27bc10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:25:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmo0DNBb47fzMLGVKlYvI%2BLwGANTAmwQi%2BRuboTnqowaAcYET%2BSQrHofXrxOa1nhWf1alXKe%2FRXLFLKjVCIrBuAHP4tlM9H81KntPuKf%2BisnMN7Aw%2Fl8r6tKGkBt2%2Fb6YyZ9Z0A54ApfXYOWDk5LetTtj6URBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c2b3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7656

GET
H3 200 Ipaglaban-Mo-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 9 KB
10 KB 1720ms
1719ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Ipaglaban-Mo-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a89ee2045a2a314dcce68c994122cefa35a2b07c3dbc72b487cd6faadb434c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:24:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diI%2FaZZhni1nvOjz7qZpwHlNRH1XeE9K2J8x3pJtjN32TvNyvY6ecZjG62Yi8T6CRedobxKBBLoHAB38iGH0J7Q8a4vjaZbMEvCwwhlb6oSfrC%2BHZ85gFgG0lrJUWIx%2FTCw5KQZiTwYDlge3IH7kBdehXAb4XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c2d3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9532

GET
H3 200 All-Out-Sundays-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 11 KB
11 KB 1740ms
1739ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/All-Out-Sundays-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9263387620380aed5251f808fc54258e80c1865fb2af38b47cbe3865a5992f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:24:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow%2BMqcYNZPwXPWcGga1DlaqT3JAJ9Wo7d%2BQqmVFzyzIuB1ha%2FnnSM8%2FDvvN7DW%2B2O3Klfi8l0MJwvflxYsz1ZHF%2FdI6cJTyid55B%2B7z%2B%2FfaJjX6FWFcK%2BqufU0MiTrooZsdC5b5bNQxI9tuGCr91v%2FbftlDCDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c303ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10936

GET
H3 200 Asap-203x150.png
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 55 KB
56 KB 1901ms
1899ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Asap-203x150.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c847af5e2671f0a4508f3f4559dd66e33ef0321fdf225317254fdcfb1ab2e559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BN89qlLgfW8NuQy93SesPMbO1v4BVJ5T3n7dZjT3E4%2BYRNs6F%2FBv34s3xX%2BAgf9GcJDt5jDnczLzum9rEdyHyWcKebqO7VP5DG%2Ff2qBGaqX41EvBBVmRh8QB5hDdChkhUR0enXUIz46bRVyqWqIfhsLWKlE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c313ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 56381

GET
H3 200 Pira-Pirasong-Paraiso-203x150.jpeg
tambayanstelesereyes.su/wp-content/uploads/2023/12/ 10 KB
10 KB 2756ms
2755ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/12/Pira-Pirasong-Paraiso-203x150.jpeg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4803eda0af01b46bcef917a72c16b1d42e157fcb2045f56b9ce40c37de51b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 05:31:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le3htX8TnJiyyZYPWHzn0prD8BvG6gt5ihuHrd9JLd87da%2BbUyoKzoCF8XsYk%2FY3gcCViXT4bXPHiGi8Rh5OMFHqQzUGZsn36U6VrX6KZERHUWd1xW%2BdfNlxSj%2Bu0uGNM1RpuqCobT%2BIq%2F6e43dtvxi6ThVqKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c323ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9940

GET
H3 200 Open-24-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 11 KB
11 KB 2759ms
2758ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Open-24-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcecf3419923a5653d60000b6edb7c1e818306f02e1179e6e811c3f18c7f94a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:34:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trR324XLqQ8%2BhApwjmsvfPaqsWMIQ%2B%2Bu230HtH%2BJ0%2B8iIkWBBYU5Mge9IR0C2Cd%2B2uxivMvmYgsgtpFTL2NHbcRPWScyxxQAdSnkqwifkBJ9CfyUVBtAnkRZvdUL7oTra7%2B8xuTR9JRsAxaXq2%2B%2B6sz6QtB%2BxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c333ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 11288

GET
H3 200 Magpakailanman-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 8 KB
8 KB 2730ms
2729ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Magpakailanman-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 816df849a50e34e10c7db6e51cd883feeb5300447f46de270521584ffd7b4ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 02 Sep 2023 03:35:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35jyPgjCyCIf4T4uOiYUpD8nlgJb2tS%2Bcf%2BfiAc0ITLsfA3JWYf5VtbDpweGagR2TFuUrB3IR6YNqKyUtVMRlTN3rYFEezJDCM7XOR7UrHXWKFJqXwNs6%2B5JaDzchTxnk%2BGpHG1aGKZBMkH8qiCdUBOzoxpilg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c363ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8224

GET
H3 200 Daig-Kayo-ng-Lola-Ko-203x150.png
tambayanstelesereyes.su/wp-content/uploads/2023/10/ 61 KB
62 KB 2875ms
2874ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/10/Daig-Kayo-ng-Lola-Ko-203x150.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841fa257d453259e7adb822afaec7d35d6decedce6e33b21be95696d54103f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 14 Oct 2023 05:31:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLihzJQHKt2%2BCXro8HnQ%2FkK8GB9On2JrtGu8x2bIjzi4TXnjrYDVS47IUsWJmNCTMqdgp%2FzA%2FoWeEJy2OJ97x4kOSAK3gPa%2BiC8T5uNFFR%2F%2F%2FE3Rpgan0i5qihW8ogubtgsP0xe9zyEXdczOeWsOn3%2BGKqBGNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c383ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 62580

GET
H3 200 Pepito-Manaloto-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 13 KB
14 KB 1793ms
1792ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Pepito-Manaloto-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 465733440909ac6667ad37c111ac6b6f052853d14d5a9cbe19d163870219a244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:31:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkioKJQFhPE1DiZdlHKfDJbhuZIBnq3ZTasegMlD9wK97b%2BEDAacX4IS0cQIR9n5Kq%2F4UQUC%2Fta7etPl69Af%2BHQkGKLzWlh8JanbH%2FqIiGtCU%2Bg8CcmKInTjKi%2FyAzHuP1hFWmiLD%2BjaLpLYe2ylGte9pX5Heg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c3a3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 13549

GET
H3 200 pinoy-crime-stories-203x150.jpeg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 9 KB
9 KB 1741ms
1740ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/pinoy-crime-stories-203x150.jpeg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3cd68f3201ce6b82cf1bedf94449aa245a23ee61b1a4b520eb0acf68aa32220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Sep 2023 03:55:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnflutAuu0aaDO7BsBxPcDMAHa5S8Fb4lp5qkwLl88FdGQ0tb2iOEutVn54trV8z%2BHDH6vziQ08tIx8yUUXqLefSUj%2F5lhdNSXRe0SbLpIZ%2F%2FqEuvQIr2%2B18EIHJ7F%2Fcssl7s2QmzjsOkB4Wddm0PyR0yKOyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c3c3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9087

GET
H3 200 Tadhana-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 8 KB
8 KB 2731ms
2730ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Tadhana-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a3bb2a36d217f29e837d070dc4c87f873cedb85b1a5066148b283c1ce9457f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:29:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7yFpziZj0P%2BDLPwVMhZ8EFbeM11jhFTrjQqOfes3ozPkwIqYVShM1LZpchW4betbvwYwPjMhsa2BPr9PDSMk%2Ff%2BOsS05Jj98ITIefuZSqkY784yiUlAZnQgOYUQPFcxm7Lv%2FU5MNOxp8aM5iMnFK9vm%2FAA6JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c3d3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8092

GET
H3 200 Wish-Ko-Lang-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 10 KB
10 KB 2749ms
2748ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Wish-Ko-Lang-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6524c7a37dbd2d845f8c924e1130fc69e3d0681b54b51487a53c7984f267349b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:28:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrYxW7Ega4R32%2FeAPW%2BTzBUvBULSQcjeExEg2%2BVX4JEj9BM1GnlZOen9eZ5ZQqwrAgH7YM%2BR1v46ufPhaxjdd8q0Yaa3gmf2x40q%2BPF3e0%2FBq7VpEOZWTbb%2B9ZGP2m5dIM5OW7h232Ua9cyKRKcUNwAc%2F41G0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c3e3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9803

GET
H3 200 E.A.T-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/08/ 10 KB
11 KB 2750ms
2749ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/08/E.A.T-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54f8699a5bc72a845b8991a8cbaa65dbc3cd2a64252e04683e310445d368299c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Aug 2023 11:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKhjQ6Olem%2FXcn7PxIoMRCdnf6oywoSDXfktDfWeeoaJeH6bMUi5W1EEXLkGyQ2BWiUZ2apTsalLahaOE0dJyXHTdWx0%2FmZ%2BiU3fM4rGIf%2F3WMh8J9BXYMPHTx7Ws0EyiwECUfa%2BkyoW4QuwReg3fizOeQfgpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c3f3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10392

GET
H3 200 Its-Showtime1-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/08/ 8 KB
8 KB 1742ms
1741ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/08/Its-Showtime1-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a33e64183ef5e3ed2443484cabd4708e5602d9acf9f2c62c76ddaab8f2a16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Aug 2023 10:58:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0gYQQ8Vsc%2Fpq4GdkcNTfUA4%2By7rRA015zHrHkvUWH89IgeGWb5ksq6v4uqIHyyoZuPDhd1uKvRz6s%2BAlwcY1rV3XjLOdSA6fXM1C5POCXNCdl36OO%2BMveMk8Jj2YI7ZazQnVNzxdzwky8CM4fvETKIHAxN%2FUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c413ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7924

GET
H3 200 Sarap-Di-Ba-203x150.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 12 KB
12 KB 2787ms
2787ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Sarap-Di-Ba-203x150.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d536b27c08b430c3a31086bc8b4e5cc0d80b0e94407189b90b385d03af1754f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:24:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10lDOr27D22v%2BvoSJKUdqSz5LWR83nIOrb%2FJ3eDU%2F4Vnr9tS8CJjEDDQJiSlZfBAHT0wQrzFTgsAB4cR%2BHjhM0N3Lhg5%2B%2BYPTxD%2Fd0PjcZzjLGZJ3kFm1t4xhGy8jyraWiwq%2FZAAdwHhL3JxJA1sU9QjXC76Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c5c423ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 12035

GET
H3 200 wp-emoji-release.min.js Show response
tambayanstelesereyes.su/wp-includes/js/ 18 KB
5 KB 2795ms
2795ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tambayanstelesereyes.su/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhOL31a84rYFApKAZqVc1z112qGye4I1To5hLZarhoCod9Q9umWkHNh5uCm2%2FZSVFpKneauSRLbEoGYzAXDP5yKxEOh0KnsIevf9uv8F8HIKDDI4zMs8nv%2FuaTdBM%2F6toXkMZJiv0QjtnSS56qJb8tGzkMnERQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 848ec14c5c433ce6-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 Cant-Buy-Me-Love-65x65.jpeg
tambayanstelesereyes.su/wp-content/uploads/2023/10/ 3 KB
3 KB 2376ms
2376ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/10/Cant-Buy-Me-Love-65x65.jpeg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1406fe13a9ec1a44dca475731a925d1fb18452e66f5f310a2121bbe78e7e6f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
cf-cache-status: MISS
last-modified: Sat, 14 Oct 2023 14:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMLSWtSiSLfWJc6UZ6d53HzC8x7BaYcfHHBV63SdXas0GNX7eJVpCYpRzUyFy0J3a%2FytXWupxZaWpc5x4deKTf5v4jqPJzMzeoApt9CoBF9QCy0jnrJucDm1JCF1Pa6%2FPWKpihLNPfd9htNHqiwqUCTK6NcBRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c453ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2600

GET
H3 200 Kapuso-Mo-Jessica-Soho-65x65.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 2 KB
3 KB 2748ms
2748ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Kapuso-Mo-Jessica-Soho-65x65.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4522a1476e76fedc04816c392f57a4a91dbce6d44bcecbfa0c7d7fb9eb3c13bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:31:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkiblZ17Pb%2Bw7MGGP%2F5SKs8MaMfw2KttARKmItzJvJFT1c7UnXHHZJmTpXVjQemMpxNcTH0jQvxOSpMEmwUG65gQf3rlI4IPXT0myIrPHYXjSHXchOKNtrxvg23n0Sn85lFiJEA5EqcY0fkl8AnE87CXqYCvjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c463ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2393

GET
H3 200 Everybody-Sing-65x65.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 2 KB
3 KB 2750ms
2749ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Everybody-Sing-65x65.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c5840c635e009f19d22edd0299958db471d0c3ad367f3ea1da34b845354937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEcyWCsMc8b8RESXUN5SEbrkdSMUz2c8O%2FH8ePvRY90%2FaApNm8XSbD41sbP8Pxiwkm6vK2XZ6KB5ybB7tVIhKKg30SZJgCieS7q93UOQI3gKhcRum%2BcSinU0bB6usPFKIOMT4gPjgmadtTVVtkY%2BJEeDUGAY9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c483ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2333

GET
H3 200 I-Can-See-Your-Voice-65x65.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 3 KB
3 KB 2713ms
2712ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/I-Can-See-Your-Voice-65x65.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a2465e783a9aa5311e8279c7dfc9d0f7ba5439b4cd97c3ffc38f3c89d100bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 03:36:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kydix0Tj2huQRdAiRshm6GjNN%2BxjROZR3N9ZGpTh%2BrXMzAGkmeASZ36TaBQB6bkiaHG394tqtSCfcO%2BuKtWVF44Tdo8kmmQIAXJPko7ymsHXiMTxPQaiIN8c7sFhlMCrv2GRi0dgS883AJLA2mEptweuvxcyMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c493ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2628

GET
H3 200 Resibo_cleanup-65x65.png
tambayanstelesereyes.su/wp-content/uploads/2023/09/ 10 KB
10 KB 2718ms
2718ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/09/Resibo_cleanup-65x65.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ccbf5b3ae7a5ef5fb869f463fb089d69be3e8af8157f20f0e0ff65041cd0e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 03:27:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gd9QjwfXrEzwI9tPqlKXlOep36LNSZQUQOpKU1TiWp9g0TDPfTHyr3CowO4HXhSOVpqOw42U4KrQk48POtz2ORT8%2FWrFmkbLil6CrXKQpSMxRfNhRnK%2BRVTigR9LzyUPcFTHDTusMaCulmlPgPyQAcw5PpOo9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c4d3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 9795

GET
H3 200 imgpsh_fullsize_anim-_1_-65x65.jpg
tambayanstelesereyes.su/wp-content/uploads/2023/10/ 2 KB
3 KB 2742ms
2741ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/10/imgpsh_fullsize_anim-_1_-65x65.jpg
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d16330e15cf7067165f91cd75795eb250da8ce8fbeac7d1a061f4383131f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Oct 2023 12:22:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Csmn7%2FxelQmhpN%2F4LCXIubUvH2Vn81Lx0WjnUHEs6d7rHdMsxFXZi0eu1Ue%2FMfSjXyLZOoUSMV4q%2BXIW5g3ZH66vu7k973aPfyvtJBZ05G6gjYVTS2kRpDPGE57pPRBaaokDZhFgZHK7wiKSNNC4Wbwuc0CZqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c4e3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2474

GET
H3 200 24-Oras1-65x65.png
tambayanstelesereyes.su/wp-content/uploads/2023/08/ 7 KB
7 KB 2726ms
2726ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tambayanstelesereyes.su/wp-content/uploads/2023/08/24-Oras1-65x65.png
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef3c926922a4a9d225edad8548ee93b9b89293911509426b8db5c89855027f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cf-cache-status: MISS
last-modified: Wed, 30 Aug 2023 11:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdvJjTavr9lCgsZioj%2FB10JUA3sUf7CbjeMqwzfbMeJ8tktJ7cZ80QQ0HADVCxe7av7Yh%2BSb1z73RuqH5WyNmSXjlam4mjU5dMj3JgkRzPLFzJP%2FkbKmSmgsyE86ZOpC1wjBZq2JGX%2FzM%2BpQwHXMMAq9Nl5qTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848ec14c6c4f3ce6-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6660

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD83 742 B
394 B 388ms
388ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&adk=2800534371&adf=4000651079&pi=t.aa~a.3829311201~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600&nras=2&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e387fdbd22cc33d1e0c3a1c7fadfa325a37fc7062dbe178cacdebe6a949b857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:17 GMT
expires: Sun, 21 Jan 2024 10:08:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0B7 52 KB
18 KB 587ms
587ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144a0e7cbe04b781458336807e0356ec502aede0e52ee20f5a71b44f0dee2fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18756
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sun, 21 Jan 2024 10:08:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71FD 52 KB
18 KB 691ms
690ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77fdc2ebec4afc6be8dfed1305d81aa779a3cacf1edd56837caefc03a2b3fc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18705
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sun, 21 Jan 2024 10:08:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23DA 51 KB
18 KB 407ms
406ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b20f23fef547a1c50b5cb2a3320ffb3a4387d25f24e73f7320ecd4d9417bc18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18341
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sun, 21 Jan 2024 10:08:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A84 51 KB
18 KB 563ms
562ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

363411a8a1c078746c0e5d19f95c277086287f9ad52a4e932d480d004b999f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18651
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sun, 21 Jan 2024 10:08:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 477B 3 KB
1 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&slotname=8770311031&adk=1293947800&adf=3598941429&pi=t.ma~as.8770311031&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697298&bpp=2&bdt=3753&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 477B 20 KB
9 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 477B 206 KB
66 KB 105ms
79ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:17 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2A47 106 KB
40 KB 58ms
27ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaztEQAGFOkK7LOOAADGU-1ObGAh5nC3YZ_4Ig&u=%7C1ds09GL865RG1qCrPhe7HFrqjdaRAwy8G6Xw%2FQbnRHM%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG_Cp4ywXMF-ZN8S-DIhp2bCn7ZBkJ8CLplEX-mAUPrZdWYBQyx0P3FMnMBo9ZLTfk2YE1FJoVEX2SEZ9tntR1iVbVwe9QPMDKWMIM2u8c4tjKpN5gi5H9chFw2hqt11Aq8CFuaJo1xBpcOD6Oixwy0PdRuYr0AhGNJbunxQsHJzp4ZKISwEZnxllLKVRnDbLeAwHCBT4KJ6xFOWjz6lCu1BLYhgZDUC4MLHadk44MqUSrWzzBKmO6pECQN60Pp2TDe6l1sQeXZ0KjNn4SM8_bd5pO-OnsiCjHb70_pFi6JYVcptWxU9i55PRzufpVQ_bhm6ScRYyVIz4Rg4QccaT7NpLaYIpzwGfz6oQ3pKMkz8yoeLN6D5w8WBhz9-GnRQ1560M5GeewB-ZploltpM48KlZC-U2-mA7U8PZBPPkH65XRzcMTyyEreXb1dKdNAX8B4jwOboh13Hann3Ukho-rC783GeS5j_-FSCmmaisn5I3QBMPQgKcYcGUEVP_l7XyjxfT9ZpQ8IWqT3zPMUEjiD_CGRFdTgOLEaDc_qGgMVcTER4Ck7b_K1nsls0XhDbtqKnJmrA05Ripz8Q0o1S1P3gCpByH5ex2rSYpdYB9mDd7NRcbaktjLZbFwFpG5UozdvHpXjyh1I4KYTtHxTp_2SA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNM-tEe2sZempGI7nsgfTjIPoDsme0rFcvY6X93DAjbcBEAEgAGCV-o6CoAeCARdjYS1wdWItODg5MTU3Nzc4MDE3MDIyNcgBCakCnYpr6GVIsj6oAwHIAwKqBNQBT9DCXw6Z12jZmN1G_6muONqyPIFK0pTgfcTZrlIkCdj2B1saHUMPU7Wn4QCO0CfulfE0379HKDm9i3I-ek1zTYuYfQp4Nwt_QQr4ddck6owT6ZDrKpPYzfEVVgZ7vxC_jPFPD2Df58aZzDrPArsoCQKY943574MNtcMIyOVZHscpxxjKx0yHQFtfRx-wYyPMpPsXb_O9D5k3IupAzYvmSc_tjwpQJ5cFNOI7psv1D3MzxjR3djZUQCzPVUBjjlVn6s44OCNgNbLVwfS1cfC_6TckfUeABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk5P2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OhdjOuGdJiMJKDYpsKjI7BUsmUQ%26client%3Dca-pub-8891577780170225%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0d5ee8743b8d45969da74b7946346d93dd456e8d1d5efc9b0f6a6246791c250c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2maN8SC93SEITbnWTdezcCcE5hOkk-oQhoMMv_JJzTmk0XzxaNZ_iFLGLg8GsY6_c41yXRL2bPugsRXiBSn4D3guOVdO_MrSYjd2FA5dhA4WWjZaIeVHN0Nw58FQL_-VSkAnD21u3iPzBz2ejn4cJcK9-825fNv0uBUxqamxKNf6d4uFIZ15p8SAFMLKo0naShBrl8rwnTBGF2WzpjSjLDbj2Y920EQJ-vQsTF8JTqy-idQLgWpDDyP7HcBPzHNYnm0Chw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12831669
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rtb Show response
rtb.ads.travelaudience.com/ Frame 5838 7 KB
4 KB 87ms
23ms Document
text/html 35.187.184.108
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=600&slotname=6722979616&adk=2778862626&adf=2781308295&pi=t.ma~as.6722979616&w=300&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=300x600&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697308&bpp=6&bdt=3763&idt=6&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

6425db30c2f4b4c16c5105a28a748f83e4fff8679941be6ed874c915cdfc12cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 21 Jan 2024 10:08:17 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-engine-version: 0.0.0
x-host: deliveryengine-rtb-production-b78967497-pt7qt

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C03A 3 KB
1 KB 23ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C03A 20 KB
8 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C03A 206 KB
65 KB 130ms
120ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:17 GMT

GET
DATA 200
OK truncated
/ Frame C03A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30f82bba7977da140ee09203670133339c3e6623bacc8aa4b92c0e32b09cc739

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 477B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e44d7ab945ab268d6cfa9bda9e1c81641a5ffff8e606db8770152dfd4981977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2A47 2 KB
1 KB 43ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaztEQAGFOkK7LOOAADGU-1ObGAh5nC3YZ_4Ig&u=%7C1ds09GL865RG1qCrPhe7HFrqjdaRAwy8G6Xw%2FQbnRHM%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG_Cp4ywXMF-ZN8S-DIhp2bCn7ZBkJ8CLplEX-mAUPrZdWYBQyx0P3FMnMBo9ZLTfk2YE1FJoVEX2SEZ9tntR1iVbVwe9QPMDKWMIM2u8c4tjKpN5gi5H9chFw2hqt11Aq8CFuaJo1xBpcOD6Oixwy0PdRuYr0AhGNJbunxQsHJzp4ZKISwEZnxllLKVRnDbLeAwHCBT4KJ6xFOWjz6lCu1BLYhgZDUC4MLHadk44MqUSrWzzBKmO6pECQN60Pp2TDe6l1sQeXZ0KjNn4SM8_bd5pO-OnsiCjHb70_pFi6JYVcptWxU9i55PRzufpVQ_bhm6ScRYyVIz4Rg4QccaT7NpLaYIpzwGfz6oQ3pKMkz8yoeLN6D5w8WBhz9-GnRQ1560M5GeewB-ZploltpM48KlZC-U2-mA7U8PZBPPkH65XRzcMTyyEreXb1dKdNAX8B4jwOboh13Hann3Ukho-rC783GeS5j_-FSCmmaisn5I3QBMPQgKcYcGUEVP_l7XyjxfT9ZpQ8IWqT3zPMUEjiD_CGRFdTgOLEaDc_qGgMVcTER4Ck7b_K1nsls0XhDbtqKnJmrA05Ripz8Q0o1S1P3gCpByH5ex2rSYpdYB9mDd7NRcbaktjLZbFwFpG5UozdvHpXjyh1I4KYTtHxTp_2SA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNM-tEe2sZempGI7nsgfTjIPoDsme0rFcvY6X93DAjbcBEAEgAGCV-o6CoAeCARdjYS1wdWItODg5MTU3Nzc4MDE3MDIyNcgBCakCnYpr6GVIsj6oAwHIAwKqBNQBT9DCXw6Z12jZmN1G_6muONqyPIFK0pTgfcTZrlIkCdj2B1saHUMPU7Wn4QCO0CfulfE0379HKDm9i3I-ek1zTYuYfQp4Nwt_QQr4ddck6owT6ZDrKpPYzfEVVgZ7vxC_jPFPD2Df58aZzDrPArsoCQKY943574MNtcMIyOVZHscpxxjKx0yHQFtfRx-wYyPMpPsXb_O9D5k3IupAzYvmSc_tjwpQJ5cFNOI7psv1D3MzxjR3djZUQCzPVUBjjlVn6s44OCNgNbLVwfS1cfC_6TckfUeABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk5P2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OhdjOuGdJiMJKDYpsKjI7BUsmUQ%26client%3Dca-pub-8891577780170225%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2A47 2 KB
1 KB 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2A47 308 B
636 B 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2A47 293 B
621 B 42ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2A47 43 B
348 B 61ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=w2T9V4C2kk7Q95mSxiJHnKBonD7JkgWDSZuZnx_XQuwL25rnaHRaS9r-YI3OOrGGgeug9RmAru6JbKKcDielm1MXCvoGmG-cSHX_jRPcCxpEfVNtc6SipGJv82LuLIlgQP_qbeBxK-VKaktlafoVMp_GpzYFonuOFTBxRkmMgEn9HwXAFLlBDE9K1kBX9sh0x0n3Otmwz_aeXmYNLwb0nf7_U1iiLvhfauQlgRIj32g1_nza0H46RXzLtYGqCrgeYy-SxATgKjz36NqrKZbcP8UCQ2cvbhCqRZkHukK1sVSSrs1_-sF-6ldQ_3cbewVA2xjdcNJJEa7JL_w_kazXMwnWUB_JoHBxz-23R8C_xgpDN8gZzJ-oNYJkHzFziFU-6McH8vzqiHFiILPNaP2iIDPMvYl7w2PdKSqoBHyFRcecv1kirQFUdmglUF3AiNNqRim8-A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1828925
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2A47 12 KB
6 KB 25ms
15ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2A47 25 KB
25 KB 58ms
25ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=109926&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109926%2F5172558%2Fd602a38af4df4d55a9e4a757fc0d6894_231121_dgj_logo_bild-wortmarke_criteo_growth_levers_1200x1200.png&v=3&w=480&rid=4&s=pXPQsBT-ZxvU_7FB4drMmxg6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

351df7d7374a249032d547aa9e04b699d83999cd013795ae3055337f8481e7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 25776
expires: Mon, 06 Jan 2025 21:32:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2A47 0
128 B 45ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2maN8SC93SEITbnWTdezcCcE5hOkk-oQhoMMv_JJzTmk0XzxaNZ_iFLGLg8GsY6_c41yXRL2bPugsRXiBSn4D3guOVdO_MrSYjd2FA5dhA4WWjZaIeVHN0Nw58FQL_-VSkAnD21u3iPzBz2ejn4cJcK9-825fNv0uBUxqamxKNf6d4uFIZ15p8SAFMLKo0naShBrl8rwnTBGF2WzpjSjLDbj2Y920EQJ-vQsTF8JTqy-idQLgWpDDyP7HcBPzHNYnm0Chw&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2A47 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2A47 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jan 2025 10:08:17 GMT

GET
H2 200 el.ashx
ads.travelaudience.com/ Frame 5838 631 B
675 B 50ms
22ms Image
image/jpeg 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.2423757575893605&adPos=&ai1=1%3B1000428%3B2%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3B60015627%3B999%252c1%3B%3B%3B2%3B4%3B50000154%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70003359%3B2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-746b898cf6-nt4dr&bnr=0&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&di=&did=-1&dnt=&dv=3&ed=&ev=ic&fm=160x600&gcpm=1698560&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=18&sc=&site=tambayanstelesereyes.su&ssp=0&sv=1&tsf=&ua=&uc=DE&ucy=&uuid=A2613AB4-2FA2-4738-9EA5-A78A71CC7F0A&view=&vrt=&vw=&wp=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/jpeg
x-host: tde-deliveryengine-production-5db7bf8975-k484n
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

script Show response
eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/ Frame 5838
Redirect Chain

https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=ht...
https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=ht...

187 KB
37 KB

20ms
20ms

Script
text/javascript

51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTo6MTYweDYwMDpBMjYxM0FCNC0yRkEyLTQ3MzgtOUVBNS1BNzhBNzFDQzdGMEE6MTA6Ojo5MDAwMDowLjE4MzExMTk5MTk0Njg5MjE4Ojo6Ojo6MTowOjo6Ojo6OjEwMDA0Mjg6MjoxOjo6MDo6MDpERTo6Oi0xOjpaYXp0RVFBR1JyOEEtUldnQUFFN2tPR0VsZW9fSFlhbzJNVnFKQTp0YW1iYXlhbnN0ZWxlc2VyZXllcy5zdToxOjE2OTg1NjA6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTc0NmI4OThjZjYtbnQ0ZHI6OjotMTozOjo6OjdzT01rMzJvMUtOcWIzOFkyTXNBMHc9PTo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06NjAwMTU2Mjc6NzAwMDMzNTk6OTk5JTJjMToyOjQ6NTAwMDAxNTQ6OkVVUjo6Ojo6Ojo6Ojo6Ojo6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTpFVVI6Mjo6Ojo6Ojo6MDowOjowOjoxOjo6Ojo6OjEAaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DRjE0aUVlMnNaYi1OR2FDcjVMY1BrUGVFZ0FQS2tiWDdjdFBpcGM3UkNzQ050d0VRQVNBQVlKWDZqb0tnQjRJQkYyTmhMWEIxWWkwNE9Ea3hOVGMzTnpnd01UY3dNakkxeUFFSnFRS2RpbXZvWlVpeVBxZ0RBY2dEQXFvRTB3RlAwQkV2SFMwZmV0Nzc2LTZHcFY2dVNUc3hfS0tLV1FGOXBRLS14TU1DajlrT0hVUEJjR1lEY1ZDbGJkZnNJUUZrNHdfZlNuLVo0TXBHS0k0UWxqaDR3RkYxZHZSMzB0UmRJQmtsMzdUYTgwY3F5WmhMZnpPUTdzYTFZZ01JZXVtaVhzU2s4bXdUbVNfZUNDNUtZbWtIRlkwYnkyVXdyWTNHWWVjSllXdGtFTDc1NGd4RmpKYlJvTGQ5OXZkcHpqSFotRlNYVlFYcl84NmdoTk1ueDV2SXFRdU9nRy1oTFF3YlhhbUJWVy1tbjhOZ29FYUJyZ0Q0SXJDaTFuMTI0bEg2aldlX3ZOZmNDV1FVZ2lLdlAwc2FkVmZLZ0FiRjhzamM4cTNtcGdxZ0JpR29CNmEtRzZnSGx0Z2JxQWVxbTdFQ3FBZURyYkVDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dkQ0lEaGdCQVFBVElDcWdJNkFvQkFTTDM5d1RwWWwtdjJvcDd1Z3dQNkN3SUlBWUFNQWRBVkFZQVhBUSZudW09MSZzaWc9QU9ENjRfM2l6Y1I1YzBHb21OWHRIN1NxU0xQTWhYNEJNUSZjbGllbnQ9Y2EtcHViLTg4OTE1Nzc3ODAxNzAyMjUmYWR1cmw9%26redirect%3D&tk_region=eu&tk_r=true

Requested by

Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=

Protocol

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Resource Hash

684d04785f6e6cdf43d4f892c3f45ddb3b5756fc399840ff70e3bae73a01bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTo6MTYweDYwMDpBMjYxM0FCNC0yRkEyLTQ3MzgtOUVBNS1BNzhBNzFDQzdGMEE6MTA6Ojo5MDAwMDowLjE4MzExMTk5MTk0Njg5MjE4Ojo6Ojo6MTowOjo6Ojo6OjEwMDA0Mjg6MjoxOjo6MDo6MDpERTo6Oi0xOjpaYXp0RVFBR1JyOEEtUldnQUFFN2tPR0VsZW9fSFlhbzJNVnFKQTp0YW1iYXlhbnN0ZWxlc2VyZXllcy5zdToxOjE2OTg1NjA6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTc0NmI4OThjZjYtbnQ0ZHI6OjotMTozOjo6OjdzT01rMzJvMUtOcWIzOFkyTXNBMHc9PTo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06NjAwMTU2Mjc6NzAwMDMzNTk6OTk5JTJjMToyOjQ6NTAwMDAxNTQ6OkVVUjo6Ojo6Ojo6Ojo6Ojo6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTpFVVI6Mjo6Ojo6Ojo6MDowOjowOjoxOjo6Ojo6OjEAaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DRjE0aUVlMnNaYi1OR2FDcjVMY1BrUGVFZ0FQS2tiWDdjdFBpcGM3UkNzQ050d0VRQVNBQVlKWDZqb0tnQjRJQkYyTmhMWEIxWWkwNE9Ea3hOVGMzTnpnd01UY3dNakkxeUFFSnFRS2RpbXZvWlVpeVBxZ0RBY2dEQXFvRTB3RlAwQkV2SFMwZmV0Nzc2LTZHcFY2dVNUc3hfS0tLV1FGOXBRLS14TU1DajlrT0hVUEJjR1lEY1ZDbGJkZnNJUUZrNHdfZlNuLVo0TXBHS0k0UWxqaDR3RkYxZHZSMzB0UmRJQmtsMzdUYTgwY3F5WmhMZnpPUTdzYTFZZ01JZXVtaVhzU2s4bXdUbVNfZUNDNUtZbWtIRlkwYnkyVXdyWTNHWWVjSllXdGtFTDc1NGd4RmpKYlJvTGQ5OXZkcHpqSFotRlNYVlFYcl84NmdoTk1ueDV2SXFRdU9nRy1oTFF3YlhhbUJWVy1tbjhOZ29FYUJyZ0Q0SXJDaTFuMTI0bEg2aldlX3ZOZmNDV1FVZ2lLdlAwc2FkVmZLZ0FiRjhzamM4cTNtcGdxZ0JpR29CNmEtRzZnSGx0Z2JxQWVxbTdFQ3FBZURyYkVDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dkQ0lEaGdCQVFBVElDcWdJNkFvQkFTTDM5d1RwWWwtdjJvcDd1Z3dQNkN3SUlBWUFNQWRBVkFZQVhBUSZudW09MSZzaWc9QU9ENjRfM2l6Y1I1YzBHb21OWHRIN1NxU0xQTWhYNEJNUSZjbGllbnQ9Y2EtcHViLTg4OTE1Nzc3ODAxNzAyMjUmYWR1cmw9%26redirect%3D&tk_region=eu&tk_r=true
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:17 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/travel198849194933/ Frame 5838 334 KB
113 KB 60ms
20ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/travel198849194933/moatad.js
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ad699b94dcb8ac5c24ab5f4e6bfaa6fa8ddd26d90ff42fc3e395a8310684512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:56:36 GMT
server: AmazonS3
x-amz-request-id: 5ADD2SR6FVQW52ZN
etag: "37dd62b52cf0e911ad78369a74658368"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29247
accept-ranges: bytes
content-length: 115629
x-amz-id-2: pDgLJ/GC6iJcEq1w9HPnL5hxp5Yl0hMIxYlTeVWDpPG0k8FmTDjsCf81esmNtOs4aNdcYCs9Jaw=

GET
H2 200 creative.js Show response
ads.travelaudience.com/js/ Frame 5838 56 KB
20 KB 42ms
16ms Script
application/javascript 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: baccf45a36486a2abc76291138c8661c88e8a2aa1ad74d279882ae80245e0fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: public
date: Sun, 21 Jan 2024 10:08:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 20 Jan 2024 10:33:21 GMT
server: nginx/1.21.6
etag: W/"65aba171-e1b5"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 10:08:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 477B 0
23 B 48ms
47ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC-vSEe2sZempGI7nsgfTjIPoDsme0rFcvY6X93DAjbcBEAEgAGCV-o6CoAeCARdjYS1wdWItODg5MTU3Nzc4MDE3MDIyNcgBCakCnYpr6GVIsj6oAwHIAwKqBNEBT9DCXw6Z12jZmN1G_6muONqyPIFK0pTgfcTZrlIkCdj2B1saHUMPU7Wn4QCO0CfulfE0379HKDm9i3I-ek1zTYuYfQp4Nwt_QQr4ddck6owT6ZDrKpPYzfEVVgZ7vxC_jPFPD2Df58aZzDrPArsoCQKY943574MNtcMIyOVZHscpxxjKx0yHQFtfRx-wYyPMpPsXb_O9D5k3IupAzYvmSc_tjwpQJ5cFNOI75MnUnfOgFgnRphGOzAwm8U5EhONtxNa6jOtdk0Bq39it6Toryd6ABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYk5P2op7ugwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg5MTU3Nzc4MDE3MDIyNRgA&sigh=kNFzdGCQggg&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_B67qcXkdCkdz0vUh1bYxj7y326kmsKDs8zgicC-z2pOH8AIEp0y8XhQ2tanb9tjGqh38UWr2pxTzh6XLghntRGc5o1k0Dy2mehgB&cbvp=2&vis=1

Requested by

Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&slotname=8770311031&adk=1293947800&adf=3598941429&pi=t.ma~as.8770311031&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697298&bpp=2&bdt=3753&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 10:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Jan 2024 10:08:17 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 477B 0
126 B 40ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKGoGcz6RLAJmAKdg2ICAgAAACgwqf4YtUHeEBDtrGW-92tNp2nJhNDLAAASAAAKCkFRVUJBUUVCQVE&wp=ZaztEQAGFOkK7LOOAADGU-1ObGAh5nC3YZ_4Ig&cbvp=2

Requested by

Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:17 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 144942
server: Kestrel
content-length: 0

GET
H2 200 index.html Show response
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/ Frame AF8F 18 KB
3 KB 18ms
18ms Document
text/html 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_160x600/ad/script?tacampaign=1000428&impressionID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bidpric=1698560&z=1705831697&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTo6MTYweDYwMDpBMjYxM0FCNC0yRkEyLTQ3MzgtOUVBNS1BNzhBNzFDQzdGMEE6MTA6Ojo5MDAwMDowLjE4MzExMTk5MTk0Njg5MjE4Ojo6Ojo6MTowOjo6Ojo6OjEwMDA0Mjg6MjoxOjo6MDo6MDpERTo6Oi0xOjpaYXp0RVFBR1JyOEEtUldnQUFFN2tPR0VsZW9fSFlhbzJNVnFKQTp0YW1iYXlhbnN0ZWxlc2VyZXllcy5zdToxOjE2OTg1NjA6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTc0NmI4OThjZjYtbnQ0ZHI6OjotMTozOjo6OjdzT01rMzJvMUtOcWIzOFkyTXNBMHc9PTo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06NjAwMTU2Mjc6NzAwMDMzNTk6OTk5JTJjMToyOjQ6NTAwMDAxNTQ6OkVVUjo6Ojo6Ojo6Ojo6Ojo6OjoyV21UdU5TQXpDbGN2dnNfWW5kaG1fQk83Wkw0OHJmVVVNUUcwQTpFVVI6Mjo6Ojo6Ojo6MDowOjowOjoxOjo6Ojo6OjEAaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DRjE0aUVlMnNaYi1OR2FDcjVMY1BrUGVFZ0FQS2tiWDdjdFBpcGM3UkNzQ050d0VRQVNBQVlKWDZqb0tnQjRJQkYyTmhMWEIxWWkwNE9Ea3hOVGMzTnpnd01UY3dNakkxeUFFSnFRS2RpbXZvWlVpeVBxZ0RBY2dEQXFvRTB3RlAwQkV2SFMwZmV0Nzc2LTZHcFY2dVNUc3hfS0tLV1FGOXBRLS14TU1DajlrT0hVUEJjR1lEY1ZDbGJkZnNJUUZrNHdfZlNuLVo0TXBHS0k0UWxqaDR3RkYxZHZSMzB0UmRJQmtsMzdUYTgwY3F5WmhMZnpPUTdzYTFZZ01JZXVtaVhzU2s4bXdUbVNfZUNDNUtZbWtIRlkwYnkyVXdyWTNHWWVjSllXdGtFTDc1NGd4RmpKYlJvTGQ5OXZkcHpqSFotRlNYVlFYcl84NmdoTk1ueDV2SXFRdU9nRy1oTFF3YlhhbUJWVy1tbjhOZ29FYUJyZ0Q0SXJDaTFuMTI0bEg2aldlX3ZOZmNDV1FVZ2lLdlAwc2FkVmZLZ0FiRjhzamM4cTNtcGdxZ0JpR29CNmEtRzZnSGx0Z2JxQWVxbTdFQ3FBZURyYkVDcUFmX25yRUNxQWZmbjdFQzJBY0EwZ2dkQ0lEaGdCQVFBVElDcWdJNkFvQkFTTDM5d1RwWWwtdjJvcDd1Z3dQNkN3SUlBWUFNQWRBVkFZQVhBUSZudW09MSZzaWc9QU9ENjRfM2l6Y1I1YzBHb21OWHRIN1NxU0xQTWhYNEJNUSZjbGllbnQ9Y2EtcHViLTg4OTE1Nzc3ODAxNzAyMjUmYWR1cmw9%26redirect%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

f8b6ab3ba2344107041789a477a156ec87b37e2119f77ca1e8a4437e64e7f846

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rtb.ads.travelaudience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-length: 3014
content-type: text/html
date: Sun, 21 Jan 2024 10:08:17 GMT
etag: "4604-5fa39d76a9da4-gzip"
expires: Sun, 21 Jan 2024 10:13:17 GMT
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 trackPrint
eu.adventori.com/tracker/ Frame 5838 43 B
241 B 20ms
19ms Image
image/gif 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdShow&tk_campaignId=DubaiTourism_Always-on_TravelAudience_202010&tk_cartoucheId=DubaiTourism_AlwaysOn_202010_TEST_160x600&tk_ui=_4V_kbhEEe6KQ-3-icPQPg&tk_ip=81.95.5.40&tk_userAgent=Mozilla%2F5.0%20(Linux%3B%20Android%2011%3B%20SM-N960U)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Mobile%20Safari%2F537.36&tk_urlClick=https%3A%2F%2Feu.adventori.com%2Fcreatives%2Fdubai-tourism%2F202010-alwaysOn%2F160x600%2Findex.html%3Ftheme%3Dmisc%26country%3DDE%26language%3DDE%26brand%3DWEGO%26scenarioType%3DAdvertiserID-OK%26advertiserName%3DDubai%2520DMO%2520RFP%2520Weg%2520DE%26advertiserIDValue%3D1000428%26advertiserIDReceived%3Dtrue%26advertiserIDStatus%3DOK%26impressionID%3D2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A%26bidPrice%3D1698560%26dvCampaignId%3Dmissing%26placebo%3Dfalse%26_stat_scn%3Dmisc_DE&tk_impressionId=_4V_krhEEe6KQ-3-icPQPg&tk_acceptsThirdPartyCookies=true&tk_origin=https%3A%2F%2Ftambayanstelesereyes.su&tk_eventIndex=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:17 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 n.js Show response
mb.moatads.com/ Frame 5838 112 B
290 B 179ms
39ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&m=0&ar=805b0ce1b97-clean&iw=4a25902&q=2&cb=1&ym=0&cu=1705831697972&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=1000428%3A50000154%3A60015627%3A70003359&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207009&na=1619854722&cs=0&ord=1705831697972&jv=1275209089&callback=DOMlessLLDcallback_63873592
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 16d1d82baa4c285c80f061eb894c0ad577efc3bc65626bd1a559f80edeea6c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: istio-envoy
etag: "ed28a371d86f108acf977b45836cc900742345ee"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 17
timing-allow-origin: *
content-length: 112

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 28ms
8ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&m=0&ar=805b0ce1b97-clean&iw=4a25902&q=3&cb=1&ym=0&cu=1705831697972&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=1000428%3A50000154%3A60015627%3A70003359&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207009&na=820927127&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 ADventori-2.0.0.css
adventori.com/lp/enabler/ Frame AF8F 7 KB
2 KB 31ms
22ms Stylesheet
text/css 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/lp/enabler/ADventori-2.0.0.css

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

07fcd1d0da6fa7a138f398aa484b99cdad68e5731ae83d6cac8f498a0ebc9277

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 26 Apr 2023 09:26:20 GMT
server: Apache
etag: "1c13-5fa39d5330a31-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
content-length: 1830
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 ADventori-2.0.0.js Show response
adventori.com/lp/enabler/ Frame AF8F 77 KB
17 KB 39ms
14ms Script
application/javascript 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/lp/enabler/ADventori-2.0.0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

7b96cde7491c8bbf9a865074b6ce9c4fe53b6906c2ca7e2402c64beded814365

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/
Origin: https://eu.adventori.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 26 Apr 2023 09:26:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
content-length: 17163
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 js-err
rtb.ads.travelaudience.com/ Frame 5838 35 B
354 B 19ms
18ms Image
image/gif 35.187.184.108
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%253D%253D.60015627.OTk5JTJjMQ%3D%3D...7sOMk32o1KNqb38Y2MsA0w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D160%26y%3D600%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D%26googlewinningprice%3DZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA%26wpc%3DEUR%26site%3Dtambayanstelesereyes.su%26slotvisibility%3D1%26gcpm%3D1698560%26gpos%3D1%26bidder%3Dbidder-rtb-production-746b898cf6-nt4dr%26dv%3D3%26uuid%3D%26suid%3D%26brq%3D2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A%26ssp_id%3D0%26l%3Dtl%26ts%3D1705831697%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DvayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg%3D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://rtb.ads.travelaudience.com/rtb?ads=1000428.2.0.70003359.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015627.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF14iEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0wFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXamBVW-mn8NgoEaBrgD4IrCi1n124lH6jWe_vNfcCWQUgiKvP0sadVfKgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3izcR5c0GomNXtH7SqSLPMhX4BMQ%26client%3Dca-pub-8891577780170225%26adurl%3D&googlewinningprice=ZaztEQAGRr8A-RWgAAE7kOGEleo_HYao2MVqJA&wpc=EUR&site=tambayanstelesereyes.su&slotvisibility=1&gcpm=1698560&gpos=1&bidder=bidder-rtb-production-746b898cf6-nt4dr&dv=3&uuid=&suid=&brq=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&ssp_id=0&l=tl&ts=1705831697&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=vayKs1WUtV7xV0WQFQW1dKG6Q2fyLDXF_6-MJDijPDg=
Origin: https://rtb.ads.travelaudience.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin: https://rtb.ads.travelaudience.com
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 189C 2 KB
3 KB 63ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hf4m8k07yjv80cd6jkn96hg5qts0yp6qs9f134keck9z1ymd2fc2n92fd710s7zdtdxy6jvmdhbtz4az6w1d7y5nkmcefkn2f2ydmfs8xwbza6js1htnrfw7bwg3g16shd8sya4k7kdycxmazj7s6b7n97dvnhzx778nycndk7ben9egetcjsw0btax24jzacj8s658q2h16q5ct61t5z8xj9htnxt7hhtqx2q9e91zr5mw82qqfg85b4jchjdtedmqsr5tbe3fcv14w9e0gkzkx24a9nsss4rg41f3r3khp79w5tk178dcrz7yka5dqfgyj9mqw0n97fqt74zb28cbmr70yk77cdyw23zkxydgp42c5ba55p792f5zbaj2hha1mc2c291mrk1p0sfagpzvdw1qvc5d9e71rsenmges0rgpcgbgdpc8bdd9tqk2zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%26client%3Dca-pub-8891577780170225%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48dc232a2b00cfa6f77957e547a6dfe864b9610fdfd624534b6682ac4864140

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec1510c479158-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3321 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5340 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3321 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3321 0
0 36ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNpNuzqZEuFoOw1A5ZbPEArVTTBoFK68R_iWsSJ-Ii3HfjR2PCUwphzvPTcS-TzfHk3DSQS3YOg_qr8wui1-7TcCd-9A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3321 206 KB
65 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 misc-bg1.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/ Frame AF8F 61 KB
61 KB 19ms
19ms Image
image/jpeg 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/misc-bg1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

34f4ebc96e1a92856ad6070c8ed3320911499a8e8859fb1a67212baedd074e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
etag: "f49d-5fa39d76a8e04"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 62621
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 DINPro-Bold.woff2
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/fonts/ Frame AF8F 28 KB
28 KB 19ms
19ms Font
font/woff2 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/fonts/DINPro-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

572c81bd1a99e559e2d8c9203a48e7e3ed17ed47a6a5e53c10ca9b0946451aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
Origin: https://eu.adventori.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:58 GMT
server: Apache
etag: "6e10-5fa39d77098eb"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=300
content-length: 28176
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 misc-bg2.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/ Frame AF8F 64 KB
65 KB 29ms
29ms Image
image/jpeg 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/misc-bg2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

32fa81ccc6c2b81b0ad44fd7ec10febb6f206a9845d1b8bf3453ba51d02144bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
etag: "100ce-5fa39d76a8e04"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 65742
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 misc-bg3.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/ Frame AF8F 75 KB
75 KB 45ms
44ms Image
image/jpeg 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/misc-bg3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

ce3d559858044df16660b179be044c1bbd0a50899e71497406fb08acee5825fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
etag: "12b5b-5fa39d76a8e04"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 76635
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 misc-bg4.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/ Frame AF8F 79 KB
79 KB 46ms
46ms Image
image/jpeg 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/misc-bg4.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

047a5b3a29c324f32266de84239eb6a97fc3485737e8982a5dad5ac97eecb635

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
etag: "13b3b-5fa39d76a8e04"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 80699
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 misc-bg5.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/ Frame AF8F 90 KB
90 KB 46ms
46ms Image
image/jpeg 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/img/misc-bg5.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

1cdad1cd47d2d5852333f94edc59d8bb0178f7874884b216472accdd88525fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
etag: "167ed-5fa39d76a8e04"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 92141
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 logo-dubai.png
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/ Frame AF8F 5 KB
5 KB 61ms
60ms Image
image/png 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/logo-dubai.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

0129f5be99b790e4a2d1b054c478d7bd628b168ed6b2a0a9c0b74d0e3aaff8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:58 GMT
server: Apache
etag: "1382-5fa39d772eaae"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 4994
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
H2 200 logo-weg-de-new.png
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/ Frame AF8F 21 KB
21 KB 62ms
61ms Image
image/png 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/logo-weg-de-new.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Apache /

Resource Hash

1d47af3271942dc973e3a44f2f734652abd184998d97caab17a6230eef6e6384

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/160x600/index.html?_format=html&_dataSize=160x600&_confSize=160x600&_placementId=387246&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:58 GMT
server: Apache
etag: "54bd-5fa39d774138f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 21693
expires: Sun, 21 Jan 2024 10:13:18 GMT

GET
DATA 200
OK truncated
/ Frame 3321 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64fd241c296a664bdf5a363d2206097358821d1e0ce880d2f9a825f6fbf370ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5340 0
104 B 127ms
65ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBJhYpoR7HGjiUdYilBOgBU&google_cver=1&google_push=AXcoOmQwFXAf33Zmmf2hbfjiZ6LL2Q5GUHyquunsXSh5e1RypBhhAivBs9h7zMTc-6n4WAZxg_aEvfKp8ZivrJJcQyz1Pl9y4pTtGSCk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5340
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIsVWCdse3T5gGVomBHhuJ4&google_push=AXcoOmRqPfAlGOi_26bqubmeDnVTADI6ZCFwztpfwKPwajcs3y3gorxsDG...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIsVWCdse3T5gGVomBHhuJ4&google_push=AXcoOmRqPfAlGOi_26bqubmeDnVTADI6ZCFwztpfwKPwajcs3y3gorxsDGgIZkqI_vwDxKi-doWemEOLtVg_qNqQmYddtZetzYp0hmb6

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220089-FRA
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1705831698.120164,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIsVWCdse3T5gGVomBHhuJ4&google_push=AXcoOmRqPfAlGOi_26bqubmeDnVTADI6ZCFwztpfwKPwajcs3y3gorxsDGgIZkqI_vwDxKi-doWemEOLtVg_qNqQmYddtZetzYp0hmb6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5340 70 B
149 B 95ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENZQjf1TDP5KuebSSDcK7-Y&google_cver=1&google_push=AXcoOmTUqAhcue2CUC2EI6YRLVXZHbYgUmMDqW2Q7GR5YFT5SgxZzsnFPlLawCNtshGd7Uf4O_u8Cu0IwTiIyOdFVBTzNE1Kk90QYZBA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5340
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOVc0QE4QXRaiR96aNmoHMU&google_cver=1&google_push=AXcoOmTXuKWLF8ZNZe7GaVM0Snu7tJV2_QwZCghVQVbnKxMYw7Mgymq-typFCkBzpxoVt9Ja_xH6maKYV3htjvHJRN4qNTl...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXuKWLF8ZNZe7GaVM0Snu7tJV2_QwZCghVQVbnKxMYw7Mgymq-typFCkBzpxoVt9Ja_xH6maKYV3htjvHJRN4qNTlfxX94EAMZ&google_hm=eS02WmFlS3Q5RTJwSG...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXuKWLF8ZNZe7GaVM0Snu7tJV2_QwZCghVQVbnKxMYw7Mgymq-typFCkBzpxoVt9Ja_xH6maKYV3htjvHJRN4qNTlfxX94EAMZ&google_hm=eS02WmFlS3Q5RTJwSGlDSFpsdDFLN1BQTWcybXA1a01YSX5B

Requested by

Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTXuKWLF8ZNZe7GaVM0Snu7tJV2_QwZCghVQVbnKxMYw7Mgymq-typFCkBzpxoVt9Ja_xH6maKYV3htjvHJRN4qNTlfxX94EAMZ&google_hm=eS02WmFlS3Q5RTJwSGlDSFpsdDFLN1BQTWcybXA1a01YSX5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5340
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJFvU0ErPWKvZa67kJcnipo&google_cver=1&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEY...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJFvU0ErPWKvZa67kJcnipo&google_cver=1&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEYD...

170 B
232 B

20ms
19ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEYDYjE-92c_sW9MXa-Vjv9hPk

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmSroUgBIRKlbwA3mKSZmmGkNIyX6dVs4SfsBJW8-KxjmzaFUYS2k6NxBIS5NNRwhcdV2g3hCnEYDYjE-92c_sW9MXa-Vjv9hPk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 5340 43 B
296 B 175ms
19ms Image
image/gif 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEM6c0e-_adSduBVDGYZwUr4&google_cver=1&google_push=AXcoOmRGbb3wp7ioXRGO972nuXjU2Hooc2Ra_5rkMvKy0nFWtjqaTZt6VB0ZzdiRyBJHJQJnEXsXshXCvyl9vbjOFXLuFs-IqK2ewZ98
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5340
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMKn5YXTYAmh3e1jstXgC5Y&google_cver=1&google_push=AXcoOmQkj0_qGS_RbrgfzxA4TYV3_N7Pe6kHPYET8o1_-fTQLF2vzJ2U2Z9vricTQK7PgSVr8AGdUqs7o-OA...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkj0_qGS_RbrgfzxA4TYV3_N7Pe6kHPYET8o1_-fTQLF2vzJ2U2Z9vricTQK7PgSVr8AGdUqs7o-OAVHb6D5Sf9naYT0Jxq1gC

170 B
329 B

18ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkj0_qGS_RbrgfzxA4TYV3_N7Pe6kHPYET8o1_-fTQLF2vzJ2U2Z9vricTQK7PgSVr8AGdUqs7o-OAVHb6D5Sf9naYT0Jxq1gC

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkj0_qGS_RbrgfzxA4TYV3_N7Pe6kHPYET8o1_-fTQLF2vzJ2U2Z9vricTQK7PgSVr8AGdUqs7o-OAVHb6D5Sf9naYT0Jxq1gC
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5340 0
130 B 45ms
14ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kz4lbLrbk3qM_xEsIbD6-AfV9l8jzXhnhs5Oiz-evP3y7QiPLwhKPqQIAVgVtE0CGuYlQD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 189C 115 KB
14 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hf4m8k07yjv80cd6jkn96hg5qts0yp6qs9f134keck9z1ymd2fc2n92fd710s7zdtdxy6jvmdhbtz4az6w1d7y5nkmcefkn2f2ydmfs8xwbza6js1htnrfw7bwg3g16shd8sya4k7kdycxmazj7s6b7n97dvnhzx778nycndk7ben9egetcjsw0btax24jzacj8s658q2h16q5ct61t5z8xj9htnxt7hhtqx2q9e91zr5mw82qqfg85b4jchjdtedmqsr5tbe3fcv14w9e0gkzkx24a9nsss4rg41f3r3khp79w5tk178dcrz7yka5dqfgyj9mqw0n97fqt74zb28cbmr70yk77cdyw23zkxydgp42c5ba55p792f5zbaj2hha1mc2c291mrk1p0sfagpzvdw1qvc5d9e71rsenmges0rgpcgbgdpc8bdd9tqk2zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hf4m8k07yjv80cd6jkn96hg5qts0yp6qs9f134keck9z1ymd2fc2n92fd710s7zdtdxy6jvmdhbtz4az6w1d7y5nkmcefkn2f2ydmfs8xwbza6js1htnrfw7bwg3g16shd8sya4k7kdycxmazj7s6b7n97dvnhzx778nycndk7ben9egetcjsw0btax24jzacj8s658q2h16q5ct61t5z8xj9htnxt7hhtqx2q9e91zr5mw82qqfg85b4jchjdtedmqsr5tbe3fcv14w9e0gkzkx24a9nsss4rg41f3r3khp79w5tk178dcrz7yka5dqfgyj9mqw0n97fqt74zb28cbmr70yk77cdyw23zkxydgp42c5ba55p792f5zbaj2hha1mc2c291mrk1p0sfagpzvdw1qvc5d9e71rsenmges0rgpcgbgdpc8bdd9tqk2zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%26client%3Dca-pub-8891577780170225%26adurl%3D
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451458
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHIOEhJ7jtckU9xlL%2FUZ0FE5e9f7oWjeipzf9OEgLfrYS29%2FzeEvILiXQ%2BqrxkHWU22dkCGPTLtSYhIr97VBcmL%2FarwMXuaDVkKMhIEbjz437M6k5M%2FlaxDfBi6M1Pq3k9DZ12vOsN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec1513c769158-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 189C 24 KB
10 KB 32ms
20ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hf4m8k07yjv80cd6jkn96hg5qts0yp6qs9f134keck9z1ymd2fc2n92fd710s7zdtdxy6jvmdhbtz4az6w1d7y5nkmcefkn2f2ydmfs8xwbza6js1htnrfw7bwg3g16shd8sya4k7kdycxmazj7s6b7n97dvnhzx778nycndk7ben9egetcjsw0btax24jzacj8s658q2h16q5ct61t5z8xj9htnxt7hhtqx2q9e91zr5mw82qqfg85b4jchjdtedmqsr5tbe3fcv14w9e0gkzkx24a9nsss4rg41f3r3khp79w5tk178dcrz7yka5dqfgyj9mqw0n97fqt74zb28cbmr70yk77cdyw23zkxydgp42c5ba55p792f5zbaj2hha1mc2c291mrk1p0sfagpzvdw1qvc5d9e71rsenmges0rgpcgbgdpc8bdd9tqk2zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 445641
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMZDBh6wMJtJa3a%2B0tV0xL9LPhIT%2F5Ya8B0G1MgyKOQIV%2FoeV7AIo1CxsCllYY8tEZEtZz94nvLOk8xyK8KCTZim3CG8YNSgDkiid94iRg4FlsIuh5oZpyuZxIt6DYjRZhhHZ6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 848ec1514c7f9158-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 trackPrint
eu.adventori.com/tracker/ Frame 5838 43 B
241 B 20ms
20ms Image
image/gif 51.68.38.14
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdCreativeLoaded&tk_campaignId=DubaiTourism_Always-on_TravelAudience_202010&tk_cartoucheId=DubaiTourism_AlwaysOn_202010_TEST_160x600&tk_ui=_4V_kbhEEe6KQ-3-icPQPg&tk_ip=81.95.5.40&tk_userAgent=Mozilla%2F5.0%20(Linux%3B%20Android%2011%3B%20SM-N960U)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.131%20Mobile%20Safari%2F537.36&tk_impressionId=_4V_krhEEe6KQ-3-icPQPg&tk_acceptsThirdPartyCookies=true&tk_mouseEvents=&tk_creaInitData=1&tk_creaReady=1&tk_creaLoad=1&tk_creaInitDataTime=122&tk_creaReadyTime=126&tk_creaLoadTime=197&tk_adStartTime=2&tk_eventIndex=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.68.38.14 , France, ASN16276 (OVH, FR),

Reverse DNS

f25.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:17 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 189C 350 B
911 B 55ms
27ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4515543
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLlWfWQGV2dw8mQL2hDBVnQufbB8VUvn7ay0%2ByjkClAUXSkSzwBwu1BWAVvSEruGFepSZWGeI5wyuH665R4yt6JQtDpvfq2dqJyH1ujU53HTM4M0U4%2BSjWP7HCI5Tlav%2BkYTJJoIHVligb8XleH3hpWw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec151b9636925-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame E4FD 2 KB
2 KB 25ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1827760
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 848ec15189ea2c04-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQ1TzOcJ5JmchzjK2%2BdqIJSjWo15apNujFPLHgPXfFfy0kNgBWTenz%2Bxbe95EnQixvCEezX0q7KgpyCmWH41PiWn%2BcePyd2zyQ2OntMVp1GB6%2BxdI%2F8xBbgPudLbKT1VBdkv1hA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame B0A5 2 KB
2 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g4cbfbnwvhh5vw10j3dnhvpzcpxsfbd2xkcdjkq62pjhaepnfgfc7qfwy7q4t2x3j4kgqsrx45xbtpprhm4h3avh0xh72nnxrdbhnr4xna2ynvn7djbjqdbs0es8jqs43nsh2gj7a1a8h41c04cayjtr426n0ag1vq7p6xh2tv66wsnhab0byjtw2evmf2c1kw7vyr3pfa2f68bphebnxmj4pskd3faj7z27mqdxa992s58arcm232a9damngzzfbmkhg0q26vdzfrxqcq44s0b1sy02wy8f0bf8d1cyxny6va1y61mq21w4trqsfwgwm1d3pm0eee714yf6cvk1796nyvnhcbjzmfqjwakg15nxn3kkqq4gh38rajn0fm5svbx139gcmnf9b2cqptw7hedhf4zxmvh19z0pvvqdhaxtacw4cma5cn5zyr3pv6bc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%26client%3Dca-pub-8891577780170225%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf3887fe18a589b529fd26761c1cb5f6e6867a28418fedde501c70df70c45c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec151ba112c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame FE27 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 57A1 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame FE27 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FE27 0
0 16ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQb0_2n_e9Mm4S25Hl6PHct02ayMjdUPIKxiuf3blty0psARmkwBDKHK3w62FGEWuwOHBOTTUMdpw-tEv-ipRvmUm-DWQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE27 206 KB
65 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C03A 0
19 B 45ms
45ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGnhqEe2sZb-NGaCr5LcPkPeEgAPKkbX7ctPipc7RCsCNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE0AFP0BEvHS0fet776-6GpV6uSTsx_KKKWQF9pQ--xMMCj9kOHUPBcGYDcVClbdfsIQFk4w_fSn-Z4MpGKI4Qljh4wFF1dvR30tRdIBkl37Ta80cqyZhLfzOQ7sa1YgMIeumiXsSk8mwTmS_eCC5KYmkHFY0by2UwrY3GYecJYWtkEL754gxFjJbRoLd99vdpzjHZ-FSXVQXr_86ghNMnx5vIqQuOgG-hLQwbXeuDdP00MSxpP6moC5f9sA-68Xfb6H_iPdQwuUVpvEk4mrIkyEKFgAbF8sjc8q3mpgqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYl-v2op7ugwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg5MTU3Nzc4MDE3MDIyNRgA&sigh=40GSnt1zpyU&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_XQmmahaggsHq6BwL6yfwMqjyFhkJeHL_rtNK18tFlWT4699HR0xFyszRpu1emiaPBq8bh7Ei3DL5zJDfH1UO7v6oYKR-Ysf1aRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=600&slotname=6722979616&adk=2778862626&adf=2781308295&pi=t.ma~as.6722979616&w=300&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=300x600&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697308&bpp=6&bdt=3763&idt=6&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=8
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 497C 2 KB
2 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1keprbm4yq7xysgew703s6d364zrtvx11htb17s5m23mskx663pmzdc96jc2me9mqmcce2pfy89mdpag4fcyysab1rhfz85ps6jfetd9yjrm0n3v99epd906hzxds237mhp1xv4s40awt8aqf29bhg6fe7wddgzzt3fr7p5tbyevg35m74j75t9fexb7p7c70w22sfmrrzq283e79gtnvaq79crvrckmx8exzwm4979sv8zb815y3b9f4g7wn4kq18ha512r0r1s8thbav1cytrs1y9zc36d8rwx5dv4mxj79mpr8452fbxnx55a7zp7c312svxn3cbp8awebskj2srjw6mbsgf7550fcetav7xerjynab8x6bh1p27h9gcrw0vwc0ebsns16wv9rksndpgyed7cwmhg45sq5yybcv9ghnzatcb4r64cq711w3fgwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%26client%3Dca-pub-8891577780170225%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

230dda87857283ccb65cdc3e5104750336c13f6dbd7fc6f5d88f4426a5233863

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec151da312c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C386 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DCC4 1 KB
643 B 11ms
10ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C386 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C386 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR14aFaWi8hoCh-Ifolye9g1k0WxcmtaUaR8j-c1UzQUWsPhxoBwN1tBa-MkPpFxID0Ad59RLtI01LRk2sDZ8PZiMadNg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C386 206 KB
65 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3321 0
19 B 48ms
48ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbM1xEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTUAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHbcFk-NM65bmNyK-S8KVrH7t29grZPVHOQLeg6iD7HUx3AO7dSJhgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg5MTU3Nzc4MDE3MDIyNRgA&sigh=6JPV8XGweTQ&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_4J1gc7xJwrP5AgbdK-RnRay7iaC8VkGQqOkFdpVQthiTzj-blcSGKIDfbht5kIwtgGs0zQYhJRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3321 0
103 B 42ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gdg6rk0t2dbk61jt96vb9chzewc4zw1fk7t3cjr96487s3df1ecrmm9tj6cdcnpmwjaktvqnsm2chb17tgtqyadqekd4g7j3sdnqdggyvrq6az009qd8r7tcpbbzzn82481e4edch9phqpbqbp218x3rvjxpwp4ve44k8sr1zxspfrngvvv4vg1y7c99phw8t7k6n7qxf0dtytvfx3nje0c1g7kjmk43kdddmj41x0gw66sbgw4bmrr6phyf94p1g4w49dz8v2c5wzdf15zw4s0byxyk5s1yxjgfdc29yf4v2jdkdwa1q2ftgkabks9spt88pvera3jysj2dgx55kvmakg2bswgw4s07s19vf2en95q528bp8p21qzzvt5neyqjdnm2k54078r&b=ZaztEQAK8u4K7JUMAAunpoHQcvV2vKLmSMfEVA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1347777177&adf=2902625031&pi=t.aa~a.3994224694~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90&nras=5&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4804&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame FE27 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 845f0a2e15f8e55c90da61b0b00abe4a09fd979546e1b96667b83245533e629a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 57A1 0
103 B 16ms
12ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHwhbf7lpXrCboOndAF-KZ0&google_cver=1&google_push=AXcoOmQ7KLc059-Regxc6Ui0IhDHWkXiIY5Yc7nRLk34KEGAFN9IwbGnq8Vkc8qqc0VHAXYTEXc5l3uouyq1dpVsdMfdK4qfSWdFdmon6AEGb9DBR5PaF-wsAeW6BEX2uwaqCEiKlhewr3TTES6qIMp7MHiD4WQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57A1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cver=1&google_push=AXcoOmSGBkGa2kHGdWQUcILmj6G2F4-VmUrtEqIR7-_GK8z...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cver=1&google_push=AXcoOmSGBkGa2kHGdWQUcILmj6G2F4-VmUrtEqIR7-_GK8z2ULznHPetL78I9W7SGtzlAS97pcAgoo5u0sx06Xw6MfdTkodifvxt0zN8YTolFqJ6wKp8IRHfCS5nSL7K65lzoVCSLQ0ByOwpCwKZDal2fj5VlA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:17 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESENlKlnyohVQ2ynPpN0DB5fc&google_cver=1&google_push=AXcoOmSGBkGa2kHGdWQUcILmj6G2F4-VmUrtEqIR7-_GK8z2ULznHPetL78I9W7SGtzlAS97pcAgoo5u0sx06Xw6MfdTkodifvxt0zN8YTolFqJ6wKp8IRHfCS5nSL7K65lzoVCSLQ0ByOwpCwKZDal2fj5VlA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57A1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHaI2JsjdAbGJmT1KfLWwyg&google_cver=1&google_push=AXcoOmQ-_wACaMkrkCo1Y_eQbDlxUhrhGRbAKj-PZIXCCak5qfRV3_xbNKY719GNPiN7T5nViKa4zjXPNeWKI9ls-eNLGA-Rbk1zay...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmQ-_wACaMkrkCo1Y_eQbDlxUhrhGRbAKj-PZIXCCak5qfRV3_xbNKY719GNPiN7T5nViKa4zjXPNeWKI9l...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmQ-_wACaMkrkCo1Y_eQbDlxUhrhGRbAKj-PZIXCCak5qfRV3_xbNKY719GNPiN7T5nViKa4zjXPNeWKI9ls-eNLGA-Rbk1zayF7vcWC_xOi5GAKPl_4oacEMU-75XCuYg_RVtPN4fMNiXhpCoNICqXgag

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmQ-_wACaMkrkCo1Y_eQbDlxUhrhGRbAKj-PZIXCCak5qfRV3_xbNKY719GNPiN7T5nViKa4zjXPNeWKI9ls-eNLGA-Rbk1zayF7vcWC_xOi5GAKPl_4oacEMU-75XCuYg_RVtPN4fMNiXhpCoNICqXgag
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 10:08:18 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 57A1 70 B
148 B 32ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENaFsdRHT6pX8v3XBaowrQQ&google_cver=1&google_push=AXcoOmR_TVoPHivDPUkVJ08CYZpjzlzHhXA0F0cSQyeS2rBdhoC7aVgEFavUj_84OmuofDS20jy2WKjSUq-GlYFcSxaXSq-hX5z0gPsHN8eAOHfleu-O448ZKsCNKe8JYdYDq6ICIIHb3ftgSI9bi3RwWeOTtw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 57A1 43 B
146 B 33ms
7ms Image
image/gif 18.195.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAfA-FHG6GxNQVn_3GQfbhw&google_cver=1&google_push=AXcoOmQ36LqT_VY_XEf5TkpZ_rinu1lR9GDawoievQNqkE-bBnKyfxIc5gxYDRIoJuFdyF7MawJKRJmzuFc7FdI2XYuWK0YXh_7QXkPLPmsLZ0K5L17H9GA8ttdZ_tKPBI7QI6hgnswkf3m1C_fTcQRxed04XA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.130.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-130-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57A1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGBCcoOYLt2F7VDwubWL9N4&google_cver=1&google_push=AXcoOmRIEoqxdu8hHl7de22PrtMYbJeF99TF3jcuA9AL5Oq-FxKHoR7udXENmZTB1kdaN7O3cb8_leMZ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmRIEoqxdu8hHl7de22PrtMYbJeF99TF3jcuA9AL5Oq-FxKHoR7udXENmZTB1kdaN7O3cb8_leMZ_...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmRIEoqxdu8hHl7de22PrtMYbJeF99TF3jcuA9AL5Oq-FxKHoR7udXENmZTB1kdaN7O3cb8_leMZ_6enNjkLYKaqhY1RTLuBliQt_QJaU2eskq4sK78tDWQRMAzwpWjeU4a5GGyV1ECVos-t1LyosN2rlKs

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmRIEoqxdu8hHl7de22PrtMYbJeF99TF3jcuA9AL5Oq-FxKHoR7udXENmZTB1kdaN7O3cb8_leMZ_6enNjkLYKaqhY1RTLuBliQt_QJaU2eskq4sK78tDWQRMAzwpWjeU4a5GGyV1ECVos-t1LyosN2rlKs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57A1
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPGo4PXPYbzuNfGkHGhGTco&google_cver=1&google_push=AXcoOmStdnJmpLPgsZ-v9cLGHeNcmFRVA2k1HlotFNxWP2ABpFvaF3r0Ppl1JIxNXf...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmStdnJmpLPgsZ-v9cLGHeNcmFRVA2k1HlotFNxWP2ABpFvaF3r0Ppl1JIxNXfQAs6ySAVo4GZQ99Rqr6nSmyLGlxnWGtxCrUk8SDDsG4XMulO...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmStdnJmpLPgsZ-v9cLGHeNcmFRVA2k1HlotFNxWP2ABpFvaF3r0Ppl1JIxNXfQAs6ySAVo4GZQ99Rqr6nSmyLGlxnWGtxCrUk8SDDsG4XMulOtra0K7UCB_SiEeQbytSnms6Mc34D8yPGn8CAfFl20RGTwh&google_hm=kfzukQH4TZWa0cl2FsBvfSg

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmStdnJmpLPgsZ-v9cLGHeNcmFRVA2k1HlotFNxWP2ABpFvaF3r0Ppl1JIxNXfQAs6ySAVo4GZQ99Rqr6nSmyLGlxnWGtxCrUk8SDDsG4XMulOtra0K7UCB_SiEeQbytSnms6Mc34D8yPGn8CAfFl20RGTwh&google_hm=kfzukQH4TZWa0cl2FsBvfSg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 57A1 0
12 B 16ms
14ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICu1QfnmbjmfkVjBa5Ev6c4LeVBvUX_3DP2JWF82uSWCbYgLgqhz0t_95Zx1DjQDPgV9xkOg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame 189C 2 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e34571c8d944e1e55b5c87ee0b95a2398c805a0254f7c32509f6c8b2edf2482

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLNIKHJ8S71JXczbzcNCazgB8BQZOueogFqySItyRohc1ilnCZQuvKX9tVWPcq7KWJyOWLHl5W6kwoarqn8NEMhVIr1SrX36MlHDYP61ElpAHdbjulk%2BBDRBDR%2BvTZAcuJUCi1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 848ec1523b242c7b-FRA
x-backend-server: aa-reachservice-group-europe-west1-pkcl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 48ms
39ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848ec151fac42c7b-FRA
content-length: 24
content-type: text/plain
date: Sun, 21 Jan 2024 10:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLpy9U7O9mtBCPtJHfge8zKEZ%2FOHgoekYL5JpZf6bZNd2aLLArGfCJhwn9LgbXVwRMyD0aOg7wBwY%2BaB3P9GizJQwG22GnTRMtnCjMrt%2B%2FXKzk5W5uUaOFzNCfv916vjIzTf0xo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-krt5

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B0A5 115 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g4cbfbnwvhh5vw10j3dnhvpzcpxsfbd2xkcdjkq62pjhaepnfgfc7qfwy7q4t2x3j4kgqsrx45xbtpprhm4h3avh0xh72nnxrdbhnr4xna2ynvn7djbjqdbs0es8jqs43nsh2gj7a1a8h41c04cayjtr426n0ag1vq7p6xh2tv66wsnhab0byjtw2evmf2c1kw7vyr3pfa2f68bphebnxmj4pskd3faj7z27mqdxa992s58arcm232a9damngzzfbmkhg0q26vdzfrxqcq44s0b1sy02wy8f0bf8d1cyxny6va1y61mq21w4trqsfwgwm1d3pm0eee714yf6cvk1796nyvnhcbjzmfqjwakg15nxn3kkqq4gh38rajn0fm5svbx139gcmnf9b2cqptw7hedhf4zxmvh19z0pvvqdhaxtacw4cma5cn5zyr3pv6bc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g4cbfbnwvhh5vw10j3dnhvpzcpxsfbd2xkcdjkq62pjhaepnfgfc7qfwy7q4t2x3j4kgqsrx45xbtpprhm4h3avh0xh72nnxrdbhnr4xna2ynvn7djbjqdbs0es8jqs43nsh2gj7a1a8h41c04cayjtr426n0ag1vq7p6xh2tv66wsnhab0byjtw2evmf2c1kw7vyr3pfa2f68bphebnxmj4pskd3faj7z27mqdxa992s58arcm232a9damngzzfbmkhg0q26vdzfrxqcq44s0b1sy02wy8f0bf8d1cyxny6va1y61mq21w4trqsfwgwm1d3pm0eee714yf6cvk1796nyvnhcbjzmfqjwakg15nxn3kkqq4gh38rajn0fm5svbx139gcmnf9b2cqptw7hedhf4zxmvh19z0pvvqdhaxtacw4cma5cn5zyr3pv6bc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%26client%3Dca-pub-8891577780170225%26adurl%3D
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMMXPeDSR7qpDI90lXjWJAy2q5PFEQiAQr%2FpzWOhHL9hrlKTFOtrxJbEZZEqsyFRafDRNGjgd299w1bTemyqGsoYnMOQsA0gnB2vP45scZxgvbQTWgDC5c1f%2BPjRLAdA%2F4bJNGAbe48%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec151fa4a2c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B0A5 24 KB
10 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g4cbfbnwvhh5vw10j3dnhvpzcpxsfbd2xkcdjkq62pjhaepnfgfc7qfwy7q4t2x3j4kgqsrx45xbtpprhm4h3avh0xh72nnxrdbhnr4xna2ynvn7djbjqdbs0es8jqs43nsh2gj7a1a8h41c04cayjtr426n0ag1vq7p6xh2tv66wsnhab0byjtw2evmf2c1kw7vyr3pfa2f68bphebnxmj4pskd3faj7z27mqdxa992s58arcm232a9damngzzfbmkhg0q26vdzfrxqcq44s0b1sy02wy8f0bf8d1cyxny6va1y61mq21w4trqsfwgwm1d3pm0eee714yf6cvk1796nyvnhcbjzmfqjwakg15nxn3kkqq4gh38rajn0fm5svbx139gcmnf9b2cqptw7hedhf4zxmvh19z0pvvqdhaxtacw4cma5cn5zyr3pv6bc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 257565
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NSay6BjsHPksXRAtz4KzhYSZB7b8lLp%2FPu116gg2h8IrUc28gCMeOFZ3flO7DTwvfRZrQ33Fmhy9Sz8Co8TCjHyo3mJfLpAL5O58KRtBGprIxqhIIDKjMDD%2FfP34pQz9SddS4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 848ec151fa4b2c04-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
DATA 200
OK truncated
/ Frame C386 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1a69d03804e8e53ea4964ac4edc5cfdb18d5496a420eb6c5c69ca570794377

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DCC4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKNra0OamL7bLrMexUenSAg&google_cver=1&google_push=AXcoOmSqP7QyV_U9u73Z4aw_6AFw93AJ6QluKtxKX5ntBTqIHvdBbVL4NDQRmQPawseX013Pp27wOmDnxzokXYgW1UM2BsUaED31i...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAyODkzNjkzNzE4MDQwNDI4MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECebyhTjdWJ95lZwE9bRgHw&google_cver=1

43 B
398 B

41ms
20ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECebyhTjdWJ95lZwE9bRgHw&google_cver=1
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECebyhTjdWJ95lZwE9bRgHw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame DCC4 0
103 B 61ms
60ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPNMIn3xG8Ye4_xXqGrEv3A&google_cver=1&google_push=AXcoOmSX-ze-o2yzcOyqJvcUGpNwBNmXKJuH3s8w9t6B0zlhgfW9Xi8YnbslhCVhUkSp8YpGIlKR-Qd3o6SzqoPXnn-VTg5ky-Qaiv6imZdUR4lFdaz98k4XPIiCHUz9vXKvNXUADgfxzKYrOhrTAigPIjmnMWs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DCC4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cver=1&google_push=AXcoOmRW1gh79bAPQ1hUO-hjsT-yCdg6hu3H0cbd3B6Z4Dy...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cver=1&google_push=AXcoOmRW1gh79bAPQ1hUO-hjsT-yCdg6hu3H0cbd3B6Z4Dy8wY5E-6xgd25_K5mn6VVKVi9c6INs3n2UL2H0MeavygSwJdp8-ud9Svz3fKPxJbnpPqN27PrQYTm-iMtgWiEGdZPYf94yTMdW5-7P6BoaaASw0bA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-092dd177afc8cc107@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEIpXn-zEHChdszgIJssD8Q4&google_cver=1&google_push=AXcoOmRW1gh79bAPQ1hUO-hjsT-yCdg6hu3H0cbd3B6Z4Dy8wY5E-6xgd25_K5mn6VVKVi9c6INs3n2UL2H0MeavygSwJdp8-ud9Svz3fKPxJbnpPqN27PrQYTm-iMtgWiEGdZPYf94yTMdW5-7P6BoaaASw0bA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DCC4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF6dEVnQVA5dHdkM2dBTQ==&google_gid=CAESEEy0A2Mv8B4XQJxDpt1bxfo&google_cver=1&google_push=AXcoOmRx4PH3WpXDFmHmtNChiX4Dyk2whC...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF6dEVnQVA5dHdkM2dBTQ==&google_gid=CAESEEy0A2Mv8B4XQJxDpt1bxfo&google_cver=1&google_push=AXcoOmRx4PH3WpXDFmHmtNChiX4Dyk2whCSkp4H8_ABQDWmQ464P0I-CuAPYTb6LYOL0X07plQcZH4JkoXPE7pk_lzzAWzFBkcfR6P3xbV14fPuX_IpdTJ5A-1AG05d5m4j73KDOY6nBdpY9TyfBO22JJUr5nTk

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220089-FRA
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1705831698.245950,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmF6dEVnQVA5dHdkM2dBTQ==&google_gid=CAESEEy0A2Mv8B4XQJxDpt1bxfo&google_cver=1&google_push=AXcoOmRx4PH3WpXDFmHmtNChiX4Dyk2whCSkp4H8_ABQDWmQ464P0I-CuAPYTb6LYOL0X07plQcZH4JkoXPE7pk_lzzAWzFBkcfR6P3xbV14fPuX_IpdTJ5A-1AG05d5m4j73KDOY6nBdpY9TyfBO22JJUr5nTk
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DCC4 70 B
148 B 30ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB7EQc1ntVpLdFrE_Tn1EHU&google_cver=1&google_push=AXcoOmTIhB7IGJ9PGq-5xIJv2nxMXs3TRvV2hRIDgUjj6YD_SImuUhq9qi_5zWzeWN58vUhXAErK3VgB3MOuspDsS-xi5_c9xEQAbwoijP2DNfiYA-zCgGusjVQqDMYI5eXaUUH7CJd5PbiiWZ6gXz109inm0_4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DCC4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMZxhAiR3Xsle1qEFFQ8k74&google_cver=1&google_push=AXcoOmRzIAeQ_gp-7BMK4pYpmFR5n8sKxM765btE5FoiwoYF0E2bu6iGehvEaIguFIUIgw1wzW9tBUcRp-pRfv7A...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmRzIAeQ_gp-7BMK4pYpmFR5n8sKxM765btE5FoiwoYF0E2bu6iGehvEaIguFIUIgw1wzW9tBUcRp-pRfv7AtmrtyRb_fLQ2TiW...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmRzIAeQ_gp-7BMK4pYpmFR5n8sKxM765btE5FoiwoYF0E2bu6iGehvEaIguFIUIgw1wzW9tBUcRp-pRfv7AtmrtyRb_fLQ2TiWIN4BRp2aLTYLo2Nui9KUAdQ4XTo1beRddYLzaOm1FUDA1O7Td9HrwTk4

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmRzIAeQ_gp-7BMK4pYpmFR5n8sKxM765btE5FoiwoYF0E2bu6iGehvEaIguFIUIgw1wzW9tBUcRp-pRfv7AtmrtyRb_fLQ2TiWIN4BRp2aLTYLo2Nui9KUAdQ4XTo1beRddYLzaOm1FUDA1O7Td9HrwTk4
x-host: tde-deliveryengine-production-5db7bf8975-l85ll
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DCC4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARbGlMLEYkJ4i5VUdvRWlA&google_cver=1&google_push=AXcoOmREvZK7epbCFwlGqmLToEHra9gUE-4bkzgL9sU7JbPy8rm7cgPxMNZAeKEQ5hSahGuD9gPRpFZS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmREvZK7epbCFwlGqmLToEHra9gUE-4bkzgL9sU7JbPy8rm7cgPxMNZAeKEQ5hSahGuD9gPRpFZSC...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmREvZK7epbCFwlGqmLToEHra9gUE-4bkzgL9sU7JbPy8rm7cgPxMNZAeKEQ5hSahGuD9gPRpFZSCBoZni_xEypXSQLsdgtwvqAktxonq1_LVQpO2dCOIx6e_0RXkJM_1SYPr_E9PQgJM-qjBXCKxeeiC3Y

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmREvZK7epbCFwlGqmLToEHra9gUE-4bkzgL9sU7JbPy8rm7cgPxMNZAeKEQ5hSahGuD9gPRpFZSCBoZni_xEypXSQLsdgtwvqAktxonq1_LVQpO2dCOIx6e_0RXkJM_1SYPr_E9PQgJM-qjBXCKxeeiC3Y
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DCC4 0
12 B 15ms
14ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXRN-xfE56dew9t0kl9PrNn7h69Azusexgz8bOw0DnRjHet5VBGaue7l9LRWcpY_scKWPU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 497C 115 KB
14 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1keprbm4yq7xysgew703s6d364zrtvx11htb17s5m23mskx663pmzdc96jc2me9mqmcce2pfy89mdpag4fcyysab1rhfz85ps6jfetd9yjrm0n3v99epd906hzxds237mhp1xv4s40awt8aqf29bhg6fe7wddgzzt3fr7p5tbyevg35m74j75t9fexb7p7c70w22sfmrrzq283e79gtnvaq79crvrckmx8exzwm4979sv8zb815y3b9f4g7wn4kq18ha512r0r1s8thbav1cytrs1y9zc36d8rwx5dv4mxj79mpr8452fbxnx55a7zp7c312svxn3cbp8awebskj2srjw6mbsgf7550fcetav7xerjynab8x6bh1p27h9gcrw0vwc0ebsns16wv9rksndpgyed7cwmhg45sq5yybcv9ghnzatcb4r64cq711w3fgwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1keprbm4yq7xysgew703s6d364zrtvx11htb17s5m23mskx663pmzdc96jc2me9mqmcce2pfy89mdpag4fcyysab1rhfz85ps6jfetd9yjrm0n3v99epd906hzxds237mhp1xv4s40awt8aqf29bhg6fe7wddgzzt3fr7p5tbyevg35m74j75t9fexb7p7c70w22sfmrrzq283e79gtnvaq79crvrckmx8exzwm4979sv8zb815y3b9f4g7wn4kq18ha512r0r1s8thbav1cytrs1y9zc36d8rwx5dv4mxj79mpr8452fbxnx55a7zp7c312svxn3cbp8awebskj2srjw6mbsgf7550fcetav7xerjynab8x6bh1p27h9gcrw0vwc0ebsns16wv9rksndpgyed7cwmhg45sq5yybcv9ghnzatcb4r64cq711w3fgwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%26client%3Dca-pub-8891577780170225%26adurl%3D
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTLpdIT77G0FDyFhV9UQyPjuHAzqZds9ZUeg3CKKICXySkLtKiJzE%2Bu9R5PGsa%2FYPCB%2BtKIaULE0W%2F52hDBthj3ilZXCvwWkkIzajhDGnBd2j0kzW%2B7WyGKv1VK6tyNHkdQf2E6nQW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec1520a6e2c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 497C 24 KB
10 KB 26ms
26ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1keprbm4yq7xysgew703s6d364zrtvx11htb17s5m23mskx663pmzdc96jc2me9mqmcce2pfy89mdpag4fcyysab1rhfz85ps6jfetd9yjrm0n3v99epd906hzxds237mhp1xv4s40awt8aqf29bhg6fe7wddgzzt3fr7p5tbyevg35m74j75t9fexb7p7c70w22sfmrrzq283e79gtnvaq79crvrckmx8exzwm4979sv8zb815y3b9f4g7wn4kq18ha512r0r1s8thbav1cytrs1y9zc36d8rwx5dv4mxj79mpr8452fbxnx55a7zp7c312svxn3cbp8awebskj2srjw6mbsgf7550fcetav7xerjynab8x6bh1p27h9gcrw0vwc0ebsns16wv9rksndpgyed7cwmhg45sq5yybcv9ghnzatcb4r64cq711w3fgwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 257565
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezl9f6ehU1iIqrv74hLjus%2Fb8ym5dImGPwTvib9OIX9Ux%2Fw8KfgIxPGdupRlWzyz6WMHWzKPg1AGGjPxBxFN8NE2SQlrPrc5hPlfQXOQoIp6ZQeAk9M3PTV2ZcbwLIHQbR0CDX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 848ec1520a712c04-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B0A5 350 B
637 B 20ms
19ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4515543
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qfUl0tQ44TUxshRM1U1GyQu%2FSDz2v1PEjqIAqWpPJgoU83PrEaYH%2FYX0BWAyAP%2FyICk7DCt6DW87fxhZcQ6bxP5EuoK%2BoQs6X615355HFCFby2bfpNS7l0zzzQTfQQFgud4fbrcZelX2xRVHKK1eDRy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1522a526925-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 5195 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1827760
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 848ec1522a852c04-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DeNSqt461NCsWW6osxxkR%2F0Z9kAz9fTwGT2E0noMlPkJ%2BZOQdYTgKPSCegD23eJ%2BgvRi1IKK7n9dTr9AGqa0DCwSUjsmkjrVQvU9MFQ01in6dAivIOHY9BGCI4U6KpfzWW7MY4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 497C 350 B
633 B 23ms
22ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4515543
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsGZ94fTugIjMie2T7Sqr2l4vHtyDTO0iiT6mAZDN7eFBAQSJZGkMj03qZNMKRVpU6Se7hyeLy4czNf4XUlbZtcil7CGfLxrX1o6M6XjpUzxvucwycfuiWAyrX5kXhor3XIoZdrotPv6xDiYYakcx%2BNA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1523a836925-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 5E8D 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1827760
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 848ec1523a922c04-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyW4jXJ8sTd11Kg4YXVhEz36uCTRuEUKN%2FDNmgYlKXl2KehTEfbPl78vaS%2BvTXNuR7M7lzhUpnKY%2F4mDPJgKCwjt6m5Qx0DdGy6pvyL2h3TS9uMYs2BGCw56R8AjiIRSIH5vfxg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame B0A5 2 KB
2 KB 32ms
32ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb972305dc9ac1bf932d4dd3e816a93cf43fe37e29dbc26c693b2bc236b5046

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IG%2Fvs%2FYv16cEopcWBZ9quCOEzn1SPcLMCdyj76qKGEC1hGsyvTWIFEJCVJHfW6Ttew598HYJpGJAp0cIA5IsTJUDbbbX0h0LIIDGo84B6QUYJ396YSAeWPrH3Q%2F1lcCgcturCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 848ec1528b742c7b-FRA
x-backend-server: aa-reachservice-group-europe-west1-pkcl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 32ms
32ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848ec1524b362c7b-FRA
content-length: 24
content-type: text/plain
date: Sun, 21 Jan 2024 10:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70QX9hpv7LfFBDcQQCq9BTGm9NKaIF27WdmXExTxMcGVutPQf80Ngh0rChv1yKf5dMQraDvm0IspsLtnJSLAtEfoAhMYfv02yQn0216jW1HZxyxa8HG35eFDPl5hOphyfuzMZ50%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-krt5

POST
H3 200 rs Show response
ad4m.at/ Frame 497C 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69cb9882549216251663384de0b38d8475a77c3d140f20f313652f758b3d018

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TFYwek9l%2FHG2KKgTIJ6NMkmFzC06pfVB0jIo7z2ssg3jX57S0JVNYc2EFaeywikCojzEBtJa9U4qpH%2BuGzZrmWk7MPzrx4lWdeWlL6mH91AsMj%2Fek%2FhUilYJY48pkl%2FcH0Ns3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 848ec1529b882c7b-FRA
x-backend-server: aa-reachservice-group-europe-west1-pkcl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 29ms
29ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848ec1526b5d2c7b-FRA
content-length: 24
content-type: text/plain
date: Sun, 21 Jan 2024 10:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaxZglTttUFB4TLOrTGe8NbJWxMilTwhB6tpKF2KLDba38YMS7tAJge7wTojAtaaAGSubwCG3MWvXDFpXkkELw%2FA0SYOLeeiM%2FUtREoQfrOvLImfokwJgkpo%2BKw90JU46yFT36w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pkcl

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 1506 2 KB
2 KB 32ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hag7hnbvpmecya2txzp88gfj67hyb1yfsvgznwnzm4vz3w8765d1ztq4p0524c5pz4sp2enp1s8751dzrqfpj8mhcr8wdrdq006362e9gn226t82qp1sj67srsv9x4wc20wq9sazh91xg0xgrz58mp4c366jgbxa9veg678eqq16s4fjqvj15gv15w95ed4z9ze1r2r4p90btkfk5abrx87nqnaya8pffenk15pn8whyzn7c05m7fmnh4y11t9g9h5c0ec2xez1evadabzpnxy3g7cxbwqnvkjd0xw7yx05gx4etpwwt0jbw51tba1vmpz3d2qt62hptk0tdjmg0ynjh0jsxqmptrm8kct8xc1zer1304nr9r3tk7wsv99gy8scsqg3tt4fzt9j9m5m5tqetqgfkf8ajk90wpxxt6hgccrfj9vsnm9ds5zcae1w4r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%26client%3Dca-pub-8891577780170225%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d89524066b13ab117f70f01b60cc264b532dabb40bb55715c4b1cec3ae2d4e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec1527ae32c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A0AC 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6F91 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 22 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A0AC 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A0AC 0
0 15ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDWAAAcQ7MPEII3I7733_ziodBtfH62Za45Ayq6WDG7OwZE_GZk3Xz6xu-u1pKzl5P3zA0wPnztx7GCUbwSUh22p3YDg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0AC 206 KB
65 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E9D6 9 KB
5 KB 41ms
40ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd5cf6400e20aea75c171d52b29fd088f8aa44bb063ae1b3bdb363896a6f74c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hf4m8k07yjv80cd6jkn96hg5qts0yp6qs9f134keck9z1ymd2fc2n92fd710s7zdtdxy6jvmdhbtz4az6w1d7y5nkmcefkn2f2ydmfs8xwbza6js1htnrfw7bwg3g16shd8sya4k7kdycxmazj7s6b7n97dvnhzx778nycndk7ben9egetcjsw0btax24jzacj8s658q2h16q5ct61t5z8xj9htnxt7hhtqx2q9e91zr5mw82qqfg85b4jchjdtedmqsr5tbe3fcv14w9e0gkzkx24a9nsss4rg41f3r3khp79w5tk178dcrz7yka5dqfgyj9mqw0n97fqt74zb28cbmr70yk77cdyw23zkxydgp42c5ba55p792f5zbaj2hha1mc2c291mrk1p0sfagpzvdw1qvc5d9e71rsenmges0rgpcgbgdpc8bdd9tqk2zw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%26client%3Dca-pub-8891577780170225%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec1528ae62c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FE27 0
19 B 46ms
45ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmyoVEe2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1AFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymaxlGihOKpC2i3XJW3Oz3RNQFUe96YRKOCPDP6-458qqL_NR1DjCYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg4OTE1Nzc3ODAxNzAyMjUYAA&sigh=OTinlLd9fdw&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_9cSPZq2IOZQyQQqDgr9aVBH5ZWZATkBLiNMao5GYwzaT6ThfDkG_s-m0xlPOmUBYqtILeSTiOhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame FE27 0
39 B 17ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gqtderg02pgbb2adqt7r9bcv08xfbamxqs8dwshs42k5pwp8gyegmnnn4wdekt5khpsnsz2kmvhpg7vqzsnz5h6017csnjmhr8ehz91br5e4y5j0vyy7k7wpefgjf4z6q9qtkqr47mr73k82j7j8z2rsnmb9y8sfvvc4q39pkzbxf1zs98cdfyv66nves6651kkhe9dj9p82a9gfvtvzpvw11g4rpdgf6g1fkt8m9tvxd2fjf20gfg8wr0cdgahd1ja1c8218150ycrdtte08qd8r43mkr82gvbbqa8dnr3px3c3qgttsvnw51n37f89xyqv77bepzsdkezc05v9rht2qmxymge9n5mqwqyy04a0vrfnk86nshj689vqx5vc0141b0yzeffax0&b=ZaztEQAK28sA-QUaAACyyub1ktarDx5hYEtBHw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=4264142226&adf=481375678&pi=t.aa~a.3298103841~rp.1&w=960&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=960x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=1&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90%2C1200x90%2C960x90&nras=6&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=4938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C386 0
19 B 50ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiOYbEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1QFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9Tn-TLfLDPX-LGBe5lstRlrAi8XdwfylagaFOoJV8dS0GL_JLUJuSABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04ODkxNTc3NzgwMTcwMjI1GAA&sigh=M9N2ZmP3TQI&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_pXcQY1uzN_u26WMlvMtDyIIYyaYuZs-4p6EJ0dYGdngbds5eIX6YKR_NF4FIb85jeVR7EzQJExgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame C386 0
11 B 19ms
19ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hkz0z7x4q3wxr8rhvvva0m69psg4ztehj0n28w6y2hk18gwakw4kb1rrsnfsgcgafnd9g1bc65n4v34jnzt1zs5xtbzv3xrcgwxnkybyd7cc1gkk7vyy5zfdmm6pq8emhaz4h40eazvxwhc9pbg451gxfhcwtak27yzwxsqp4ayc4txje2q5t0nc390g653xbegjgbbmyybwnrt1q63s2abf48q9ynmemh8ank4abd039ptcjrkmjph6ex4yht0en27tzhy1ggbzq0sef8p87mq0fjwzqy184x1sqz88g94cn8tyt37krw68f72bt0k82pb4tkj79dgyrw3m4hx6b4psb84jcsnx8dyx2y13c1a54e9hf9grk1erwd2kftrvemnzs9vhdvhgh8&b=ZaztEQAKyMAA-SlGAA8mBpSNXIBCU8p9j05qRA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=1311831701&adf=1201606472&pi=t.aa~a.95760519~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280&nras=3&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame A0AC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7703c4e3d927622f08ad5c89960238ef9024b4ce1fc24be74ac71846ea675c85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AFBE 9 KB
4 KB 30ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71287bbe81b599e1c714660aefed5ac4a7fec996c66856d21ac83654f23a6e52

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g4cbfbnwvhh5vw10j3dnhvpzcpxsfbd2xkcdjkq62pjhaepnfgfc7qfwy7q4t2x3j4kgqsrx45xbtpprhm4h3avh0xh72nnxrdbhnr4xna2ynvn7djbjqdbs0es8jqs43nsh2gj7a1a8h41c04cayjtr426n0ag1vq7p6xh2tv66wsnhab0byjtw2evmf2c1kw7vyr3pfa2f68bphebnxmj4pskd3faj7z27mqdxa992s58arcm232a9damngzzfbmkhg0q26vdzfrxqcq44s0b1sy02wy8f0bf8d1cyxny6va1y61mq21w4trqsfwgwm1d3pm0eee714yf6cvk1796nyvnhcbjzmfqjwakg15nxn3kkqq4gh38rajn0fm5svbx139gcmnf9b2cqptw7hedhf4zxmvh19z0pvvqdhaxtacw4cma5cn5zyr3pv6bc0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%26client%3Dca-pub-8891577780170225%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec152db542c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 1506 115 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hag7hnbvpmecya2txzp88gfj67hyb1yfsvgznwnzm4vz3w8765d1ztq4p0524c5pz4sp2enp1s8751dzrqfpj8mhcr8wdrdq006362e9gn226t82qp1sj67srsv9x4wc20wq9sazh91xg0xgrz58mp4c366jgbxa9veg678eqq16s4fjqvj15gv15w95ed4z9ze1r2r4p90btkfk5abrx87nqnaya8pffenk15pn8whyzn7c05m7fmnh4y11t9g9h5c0ec2xez1evadabzpnxy3g7cxbwqnvkjd0xw7yx05gx4etpwwt0jbw51tba1vmpz3d2qt62hptk0tdjmg0ynjh0jsxqmptrm8kct8xc1zer1304nr9r3tk7wsv99gy8scsqg3tt4fzt9j9m5m5tqetqgfkf8ajk90wpxxt6hgccrfj9vsnm9ds5zcae1w4r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hag7hnbvpmecya2txzp88gfj67hyb1yfsvgznwnzm4vz3w8765d1ztq4p0524c5pz4sp2enp1s8751dzrqfpj8mhcr8wdrdq006362e9gn226t82qp1sj67srsv9x4wc20wq9sazh91xg0xgrz58mp4c366jgbxa9veg678eqq16s4fjqvj15gv15w95ed4z9ze1r2r4p90btkfk5abrx87nqnaya8pffenk15pn8whyzn7c05m7fmnh4y11t9g9h5c0ec2xez1evadabzpnxy3g7cxbwqnvkjd0xw7yx05gx4etpwwt0jbw51tba1vmpz3d2qt62hptk0tdjmg0ynjh0jsxqmptrm8kct8xc1zer1304nr9r3tk7wsv99gy8scsqg3tt4fzt9j9m5m5tqetqgfkf8ajk90wpxxt6hgccrfj9vsnm9ds5zcae1w4r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%26client%3Dca-pub-8891577780170225%26adurl%3D
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84TbJ6tqpIwq6nlAElXJjAk3nLDRxvv1kcqk7I9j6G4AqRhwSkP8aYirzO%2FeFZa135cT226DoIl6gegskt5d6FllXgOWrfxfQGCTbysYoI6KE9G23lTkD3IjEzSMVgvy50Q8oiU6z04%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec152db562c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 1506 24 KB
10 KB 20ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hag7hnbvpmecya2txzp88gfj67hyb1yfsvgznwnzm4vz3w8765d1ztq4p0524c5pz4sp2enp1s8751dzrqfpj8mhcr8wdrdq006362e9gn226t82qp1sj67srsv9x4wc20wq9sazh91xg0xgrz58mp4c366jgbxa9veg678eqq16s4fjqvj15gv15w95ed4z9ze1r2r4p90btkfk5abrx87nqnaya8pffenk15pn8whyzn7c05m7fmnh4y11t9g9h5c0ec2xez1evadabzpnxy3g7cxbwqnvkjd0xw7yx05gx4etpwwt0jbw51tba1vmpz3d2qt62hptk0tdjmg0ynjh0jsxqmptrm8kct8xc1zer1304nr9r3tk7wsv99gy8scsqg3tt4fzt9j9m5m5tqetqgfkf8ajk90wpxxt6hgccrfj9vsnm9ds5zcae1w4r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%26client%3Dca-pub-8891577780170225%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 257565
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDl5knhJeA74qsUvET8ZmzhNWeNuVa6IO9VNabyDrQiLFCID7pkvJqrZyD1ueeCwcPhIM2pnugqIJDzJAk7NTrL4QL3QSTc92oGFnMIWkcWQ7PSXDlu0sh6R2KsGJAMkdd9Q7g4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 848ec152db572c04-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame E9D6 115 KB
14 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL0b%2FMZ5khsi3u9LvIFam%2FubTQcOm%2BB9n8SQmCOxvYs3UDEUiL9LlY9fC18FnmmCJ8gjCMndQGTfuLoT8F72m3hIs2Z2lJLoBfAhGLf%2BOw%2FOqsqA7ywASBQ%2FDGpNNZUNxuTKie7QAnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec152eb592c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame E9D6 9 KB
9 KB 27ms
18ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4596775
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cwuTXx8T9XmeYkG5r%2BiZl%2F0BUijl2Y7%2BiaX9gES%2BVTT%2FqszANSeYyStOtfJbS4GY8k5ulVCw3usKdLrFHxdPrCbpa40LwYuNRZfk8vU4uMqeHlAYmcThqZv3nC7XCwDgOnxbZf0UVKwWGS%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec152ee459158-FRA

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame E9D6 21 KB
21 KB 29ms
20ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4687389
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 21332
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:58 GMT
server: cloudflare
etag: "50190e2f2596fbaf0b3827698ee24008"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc0CaTti4bOQIySBcAH6C6%2Bkog3wrrWxe0Z%2BFUGbif6ALlzmcIKiVHep8%2Fqle7DLI6TGL%2Fmjyeunkr9SKSp9UlY27HLQnMwXA2fp1Gg3f1frmGiVcxZkFR020XBhK5YGDrZFr6ZOg8h4SCsP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec152ee489158-FRA

GET
H2 200 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame E9D6 0
327 B 65ms
20ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidj4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame E9D6 9 KB
10 KB 19ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135826
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiLzV5tQyZHpBu44WqgLv%2Byu80O6S7e8Fn8dQxDFGotFpr22iYj0xp69MAgMzkXklTYaHTfG9AChyfy2dyRnXMBJ2SG9yQo6THQoR6MmfooFY0KDdFqXGSsarWTLu4NRHmhqsXOEwjxyLwst"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec152fe4b9158-FRA

GET
H2 200 BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame E9D6 28 KB
29 KB 20ms
20ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4598257
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28954
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:58:31 GMT
server: cloudflare
etag: "85b2952dc2f72512aefd9f8454909e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BWW%2FbiiraTGpg3bWVgXeOVlXjUjzSWN2VlcFWQcOPn9SCMwo8pFo1%2FBRLFsU%2BMRH1Jok%2F2VXE5HbqdMI7ZBwHkdAWuq%2FDVKdEUW5jvgQNhfQvywmlJMgp6aiX7INN97kYzzeVDyrUTA82Ia"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec152fe4c9158-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame E9D6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCKoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705831698_ffdd3c81-b844-11ee-86b5-22356fe9f584

0
549 B

56ms
13ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705831698_ffdd3c81-b844-11ee-86b5-22356fe9f584
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:18 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1705831698_ffdd3c81-b844-11ee-86b5-22356fe9f584
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame E9D6 4 KB
5 KB 20ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131109
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juJK8Yp9sBwbFj0%2BlPkZuSGTWjBacsv7K4VgS%2FE8gOMBaeVwgdJTe9ZgipRpPsmw5FiQm6otOUTZY%2BROJZSndV20cKmLRkWlIAl0wktHp82c04qQKB4b8wMRKYx7A9oRNPdifxD5L%2BV07nb2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec152fe4e9158-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame E9D6 15 KB
16 KB 25ms
24ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4505191
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyVGYCDF8qDQVaX8WagRVcAi9V5ACAPAj380AZPY93qwCGVaLMU32VZ%2BtMUzfHpIXzZi%2BuHg%2FXlSJXRuoztFxCPiY2ASRqAQToeVDRlvMUQeUbZ90rTuOL%2FN1du%2FzQfohQx%2F2yAmKyg7Jczo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec152fe4f9158-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E9D6 43 B
703 B 105ms
73ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C196438%2C19769&b=j4guEfJgbubBKuJCEH2t6tWmGaKTzTD8mH9%2C4KRcEfAmXfAYZ9CWC9HdtAtjWrtZTpTrqQCK%2CM4Duzf95pfKq5cECEHGtDt6P4C9T4TbGzs3&f=xMksQf759uMxdH6CdHztDCqWgSJT6Tqd7sA%2CrBzCQf7MDu3rpPHpC7HjtJC2zrC5T8TKzjtd%2C6eYfef4bwSDRjSkCmHYtECWMzf2T1T2XpU7&c=728&d=90&e=&g=4d24af70d53c1d8e793abd535a4e3023%2F12280045665975867601&i=26474%2C25174%2C21630&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698287&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kb4rcwaefsmatkn6qzrv3mdp8q8bskkvdz8qegn60pya5j4j1rwpngbxhvcyj1fsv7p72b2w9de53ytxcj7qn07m55bgxhhdgba5f9f773r6pwa3fc3eknaw4d4zgmzyfrfpqd8671sp5jvh9a53am4ckf5grcgw9bmzqpvkaxny03ppn43jnwynwev52cs2v33hgrnv8yh5nxeg0d3tn5hpznq9n9dmpxc73nza8f8v0w46g5gb0ec2r3h28dr1nja3tef1y75eb1snv0mwb4d%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC71GUEe2sZe7lK4yqsgemz67wDY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTXAU_Qo1VQFLTR7ykip_irMVXYpCOWDpuabKLqAgIeyxKT4Syp0zG2j5HTb68hzW3aUM-My-Y9MoLDwocubo0823SM5iSGdzefdBn2cPZgeCzgZW3rs4BIe0vQhVEwvWyH-BFjNLwWJHeq10ET2YOWlbXUKYV69NTZ3OwAxb4loEoybLPSJvvDq4OpOojvTT5AG1ZD_zBdCoMyjdVEDYKzZWYLxjPvWFv7o_-3ZxuQHfUHsnGbEhGm_6X-12ypO_ipwNKGbttf7Ihovz8PBWQdxNZn6mKpHagxgAabzvS4rpy-uiegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYssyJo57ugwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0KgQIxBMYxNvlI8VAUKr8UMQYhRQ%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F7BA 12 KB
5 KB 34ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aab5a79ced34d2a0ca39b166596c36a365896b3c6d1e8960a22fab9edb8e56e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1keprbm4yq7xysgew703s6d364zrtvx11htb17s5m23mskx663pmzdc96jc2me9mqmcce2pfy89mdpag4fcyysab1rhfz85ps6jfetd9yjrm0n3v99epd906hzxds237mhp1xv4s40awt8aqf29bhg6fe7wddgzzt3fr7p5tbyevg35m74j75t9fexb7p7c70w22sfmrrzq283e79gtnvaq79crvrckmx8exzwm4979sv8zb815y3b9f4g7wn4kq18ha512r0r1s8thbav1cytrs1y9zc36d8rwx5dv4mxj79mpr8452fbxnx55a7zp7c312svxn3cbp8awebskj2srjw6mbsgf7550fcetav7xerjynab8x6bh1p27h9gcrw0vwc0ebsns16wv9rksndpgyed7cwmhg45sq5yybcv9ghnzatcb4r64cq711w3fgwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%26client%3Dca-pub-8891577780170225%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec152eb5f2c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F91
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE_SFGjoK2IoaVgYtCgKBRY&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEE_SFGjoK2IoaVgYtCgKBRY&google_cver=1&google_push=AXcoOmS_o2zPsyRZqgDbWvbWbkIjnt01eFrF_5jJu_bu0xY...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEE_SFGjoK2IoaVgYtCgKBRY&google_cver=1&google_push=AXcoOmS_o2zPsyRZqgDbWvbWbkIjnt01eFrF_5jJu_bu0xY0By85HG0mzm-aU4vwhxSfM8F2grsKemIVNOyrCarVUfSRR1ogjKSwbPX8eFEwBmvcdZzta7jHkUgBoRNNh7NvKS5JCGyx55mLf1B1wx4MkSAdkQM

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0d9d3eefff4fcda69@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGRTaE9lWnoxUnJ1S3U1&google_gid=CAESEE_SFGjoK2IoaVgYtCgKBRY&google_cver=1&google_push=AXcoOmS_o2zPsyRZqgDbWvbWbkIjnt01eFrF_5jJu_bu0xY0By85HG0mzm-aU4vwhxSfM8F2grsKemIVNOyrCarVUfSRR1ogjKSwbPX8eFEwBmvcdZzta7jHkUgBoRNNh7NvKS5JCGyx55mLf1B1wx4MkSAdkQM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F91
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEABYEX03WKChN0g3FYdMnmA&google_cver=1&google_push=AXcoOmRPOYQIfviCmn55xJPsBxuO4XfP56EEsGXRzIqtgevPYWoXT-x3H_E_ifQSHbdzfEUiENJqp7lETexXn4HrLArTbxfTauta28...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmRPOYQIfviCmn55xJPsBxuO4XfP56EEsGXRzIqtgevPYWoXT-x3H_E_ifQSHbdzfEUiENJqp7lETexXn4H...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmRPOYQIfviCmn55xJPsBxuO4XfP56EEsGXRzIqtgevPYWoXT-x3H_E_ifQSHbdzfEUiENJqp7lETexXn4HrLArTbxfTauta28xCw12c4Qma_6_vtFUW39H-T_N3HFCpEXw13Bq7Qld7VRRi_I9oZ06jKEc

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=97E08DC659654CB6BF01D2B59B90A4DF&google_push=AXcoOmRPOYQIfviCmn55xJPsBxuO4XfP56EEsGXRzIqtgevPYWoXT-x3H_E_ifQSHbdzfEUiENJqp7lETexXn4HrLArTbxfTauta28xCw12c4Qma_6_vtFUW39H-T_N3HFCpEXw13Bq7Qld7VRRi_I9oZ06jKEc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 10:08:18 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 6F91 0
98 B 45ms
12ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQ2bjzWD6hwuTSDgNtY6VC0p5WdhFuC2a2a8ir4T9K7nr_zJ_Y3rMJnFfLy8Ea13VoAboP_O6xk9x8AByiFXhIWJyiswRnnrLKwmJpM3Vgfe0D1G-ptHJUYjc2boKH8IpeqHL12e8EWEJON410grgVJNA&google_gid=CAESEJEou6jhlymoHv9VyZV6DCM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F91
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKYuTyFvubvR4P2FxmMl5FI&google_cver=1&google_push=AXcoOmR6oX772cu0AcZaB7-GHm5Bf2hgimsk0qqxFZ4PFJo0sLSNskm30V0dItTq6aKMueGpeYEMB0Y6yQY2GFuC...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmR6oX772cu0AcZaB7-GHm5Bf2hgimsk0qqxFZ4PFJo0sLSNskm30V0dItTq6aKMueGpeYEMB0Y6yQY2GFuCd3BBF0qCA2dvTJR...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmR6oX772cu0AcZaB7-GHm5Bf2hgimsk0qqxFZ4PFJo0sLSNskm30V0dItTq6aKMueGpeYEMB0Y6yQY2GFuCd3BBF0qCA2dvTJR5OduVb1XPazfegzUHAPxQKjI7duKSXByWtiJObdPk27-Rkau40IfzjQ0

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=omE6tC-iRziepaeKccx_Cg&google_push=AXcoOmR6oX772cu0AcZaB7-GHm5Bf2hgimsk0qqxFZ4PFJo0sLSNskm30V0dItTq6aKMueGpeYEMB0Y6yQY2GFuCd3BBF0qCA2dvTJR5OduVb1XPazfegzUHAPxQKjI7duKSXByWtiJObdPk27-Rkau40IfzjQ0
x-host: tde-deliveryengine-production-5db7bf8975-k484n
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F91
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPevhuQ-WyDvF3GZCIghGQM&google_cver=1&google_push=AXcoOmTlZWUfy3NcP7KJvk-ldnEql0ABij4kdZtrKLISIz1-6fq071g5IoZDo4EF7EzPU4yzMh2muP9O...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmTlZWUfy3NcP7KJvk-ldnEql0ABij4kdZtrKLISIz1-6fq071g5IoZDo4EF7EzPU4yzMh2muP9Oh...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmTlZWUfy3NcP7KJvk-ldnEql0ABij4kdZtrKLISIz1-6fq071g5IoZDo4EF7EzPU4yzMh2muP9OhHxjavSnxPUpUlBnZd6y0jZ8aviTLI-VFrbdPUOsQETE3WJ6tuu5iZTINbVCIcasxmSVgxnkbrEElg

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODAyNTE2MTE4Mjk0NDE&google_push=AXcoOmTlZWUfy3NcP7KJvk-ldnEql0ABij4kdZtrKLISIz1-6fq071g5IoZDo4EF7EzPU4yzMh2muP9OhHxjavSnxPUpUlBnZd6y0jZ8aviTLI-VFrbdPUOsQETE3WJ6tuu5iZTINbVCIcasxmSVgxnkbrEElg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F91
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBJh_cTpaWmb3PCBDWWiBgo&google_cver=1&google_push=AXcoOmQyNy9-Mp_OguPxydxAacJ9utvwsHNnxmHIGSKggRmhYFIkZ88V78JUEOkFawRjveBkyPPib2QvJQ3u...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQyNy9-Mp_OguPxydxAacJ9utvwsHNnxmHIGSKggRmhYFIkZ88V78JUEOkFawRjveBkyPPib2QvJQ3uGW_vQHSVFP49cmKgVG2DZaz-AqZ717pO2Za_...

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQyNy9-Mp_OguPxydxAacJ9utvwsHNnxmHIGSKggRmhYFIkZ88V78JUEOkFawRjveBkyPPib2QvJQ3uGW_vQHSVFP49cmKgVG2DZaz-AqZ717pO2Za_2olJ_V5Kob0UtIoLS9RatsR1oMLjnlpc2HMTnD8

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQyNy9-Mp_OguPxydxAacJ9utvwsHNnxmHIGSKggRmhYFIkZ88V78JUEOkFawRjveBkyPPib2QvJQ3uGW_vQHSVFP49cmKgVG2DZaz-AqZ717pO2Za_2olJ_V5Kob0UtIoLS9RatsR1oMLjnlpc2HMTnD8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 6F91
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKCS0FQRCaQM...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT-eEeR8qfg_TNA5-KdCMToCCgOeF5emPvh27te_VsXmqKrrOp_WZRMQVTqp7555ng00BlAqwo3CfVDkc2jv_Y5gffa7HfikcotS71ibBQ0vfxof...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

35ms
35ms

Image
image/gif

23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 10:08:18 GMT
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F91 0
12 B 15ms
15ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkSiXaoPO6VeaC7dpVm9sUDRJacTg2qj-yXKkAbRcR09M2l0BqRThhz6hm4exzE5jWnZcHVQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1506 350 B
915 B 26ms
25ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4422934
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOO4YTS3PrwG0jqRIdky63EHPxtdFYyqI%2FSnMzZ0OPJwAbb%2FNljDcTWav2NXCstnGvsoy3y%2BUJLIw02OEaj0PuAtXp%2F%2Fn6IFHLibhodf8pEta6%2F45OHbv2SgEjpm4QD7YepJJggBEszoqooe3D86c9oy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1530cd45d94-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame D83B 2 KB
1 KB 19ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1827760
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 848ec1530b762c04-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMVFhx8An6roXdPDy7dYtr0Lf6gsUBu09508%2FSmp%2FZz5QkPk2AXIhxTdn4N68YWoRbWVDrptWffLKenWVqyk1ARwoab%2BdA9Gc6p%2BwP%2B%2B0RJiBE6N8ehKpfiRhDy6urIZOCEAy%2Fs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AFBE 115 KB
14 KB 25ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwCc6JzFeyxj3wARj2Ku485xiecAJcd8ndxmI3oM2NgbGJy2dL3SXMEaagyHta%2B6OfdC2JB8ITAB6jFTI9DFkHL8jBHn5xh8DLTh5xiRjiLFD2rQDQGtVm4Rknx2x66WNhmhP7%2Bx%2FA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec1531b912c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame AFBE 2 KB
2 KB 22ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132508
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRmTlDmiidyCjJr7Cep6JrHoDRPCEvIJhwmip8vGWfH6BXeSttCJGZMEN30c70xZCh3Qo7EVd%2BBI4aT4XrtagKhoe%2FMfYH9r%2FU2I5JoJ6qlgAlliGV0521TkwZ%2BT60XcfqL7nx%2BD9IgXD1OL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b942c04-FRA

GET
H3 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame AFBE 23 KB
23 KB 31ms
26ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4517445
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cIjeZvaMckBcpx3TGSswKfjrMeFUW%2BuZHFyN47shFfiTVxe3lsqUz6S8WKx8oMxcRl6pGG9xFQV0OcLlN3L0nxdCU83ZenF2HREP4b7MI8W8MYe92SpO7ltnShmOF%2FxMLlmbCFI%2FYxuBFto"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b952c04-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AFBE 43 B
703 B 92ms
72ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidBmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHMoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 FC3EBC00BD63728CDED7BF49C90089F0AD060D19BAC0CC7D24DD7223868536C4D9FD0FDC781B72F45D97ADF434B98DCA70652A20CF09E9F68F06C8B1644B1447
assets.ad4m.at/logo/ Frame AFBE 2 KB
3 KB 25ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FC3EBC00BD63728CDED7BF49C90089F0AD060D19BAC0CC7D24DD7223868536C4D9FD0FDC781B72F45D97ADF434B98DCA70652A20CF09E9F68F06C8B1644B1447
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead545fcb1046493bddf875ea00c2ce392933ff92913137d5dffc9ba3931c5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141628
cf-polished: origFmt=png, origSize=8052
alt-svc: h3=":443"; ma=86400
content-length: 2164
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:40:58 GMT
server: cloudflare
etag: "ab09ed4c076b0b62736d67a64b645530"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RQrxiCW3a1g6Sck6Aree8GFvSAe%2FDh5BAPt1MhMMY2E1UeIZIT4Ya4T%2Bk8bdxjeBtVrmMFheztWOVjslpk2ZUw0mLrf7d7wgZ1b7Y3AoKazCkf9p5uSjDt2Wy1IO3N2BSk%2BOQ0QKz%2B2UVZ7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b962c04-FRA

GET
H3 200 C356921971DB52B4943FBED1DB5DEE5BF89AFD3E4B08064F949CE297CFDA683A8E2C698EAD58CF8A41FC97633B752F5235D1CFF6C1A859C349A8305044834AB2
assets.ad4m.at/ Frame AFBE 33 KB
33 KB 31ms
28ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C356921971DB52B4943FBED1DB5DEE5BF89AFD3E4B08064F949CE297CFDA683A8E2C698EAD58CF8A41FC97633B752F5235D1CFF6C1A859C349A8305044834AB2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e308187351398e32580e3c7a416cd281216d02ca28b4cdef13ca884f1c2663

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 855928
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33345
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Jan 2024 12:22:48 GMT
server: cloudflare
etag: "6e833ddc25cd03ae9a529219cfd5c4ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FYXBQhb%2BTuy3KpFOej9E33MnXt3Tpeee75jQuq46J3n23uqSWoNPSK%2FzUPeBWfYX1Fd0B8vMiau9hkgOQGtWcuiqAlpkSNS28GmL89OqMrN%2FT4WluVbsRdM%2Bi%2F4wQ2iQhPd%2BLjFppfDdfzj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b972c04-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AFBE 43 B
702 B 91ms
71ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2026324&v=9145&q=320355&r=412871&pv=1&pref3=oneid6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame AFBE 8 KB
8 KB 24ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134972
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kv3qkkiQjpZ0KTnhwkAA%2Fglw1uj9RsTarhWkR0ap60v%2Fvgm1wKLQZ7qTkbiEmqla6qXd8%2F%2FVM6EANh7xcnXe1vjliTGZIWz52n4R0T%2BTvSWto3dTUh9tzhqC5ujl5%2BrAgp7QaYX2wL%2B57I%2Fw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b982c04-FRA

GET
H3 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame AFBE 20 KB
21 KB 24ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204367
cf-polished: qual=85, origFmt=jpeg, origSize=29026
alt-svc: h3=":443"; ma=86400
content-length: 20740
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Oct 2023 21:22:49 GMT
server: cloudflare
etag: "9e8c0f685f08676e3b6bec8849b76e69"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhJW7ETqjpPPo%2FAY6Uij9GiowmhxnbdWv8NJTiNfZKwHoMWYu%2F1O20CVR7mMbJ1HFT0mj%2BTQ09RK%2B1Y1XUdzOeQdDFxSObUj5QnH%2BKVTIhESfpi4IfDeX8bAQ%2BbqFQPx4yEmyjrcdZH%2FKpQ4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b9a2c04-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame AFBE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

92ms
19ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C490984%2C197101&b=BmWUgfw2JhrYAghmC6H3t9tQPra4TeTmRMHM%2C6eYfef4bwSxP4BfkCmHYtktgk2MT2T1T2XpU7%2CbJDHQfm3YS59gZF7CbHztKtww8UxTJT5r6aJ&f=j4guEfJgbug8QRCJCEH2tWCX9MtKTzTD8mH9%2CX1Dszfx6PTdAePU2C4Het1C7XJESBTkTX6mcJ%2C3KQcpfE81FXw61UzCrHAtXC997f8TWTAYVcd&c=728&d=90&e=&g=c691f1564089b49f0f502f14adcd741c%2F10849960366810721781&i=29981%2C188175%2C20774&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698326&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgdfg8zs1qtwc4ah7jvp4wnvhc4bm2tmd3mf2e1ha9q8qgv4b02e9eq8dqt44kks063h517m6xadrbgp2x7rmewncem7w2j3y31y543bz86rj4b5hphv4fy195kdq313hxp1zs55xj13gv9v6r7zvyxyjb3r92mzq9mc331322cvpdm94vg605pbd40p8pmq6rzvstndsfnje0szpwbxjcefh74dyme8spc390eb61sw6acegqgfhznafqtjmr4gcgwj624vp0acb9fp227rdnd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOx0_Ee2sZcu3K5qK5LcPyuWC2AON-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE1wFP0DuyEaAUfBBiyu8czFxfIgeifzGTtedqRJUnvQ89U9F3efe7Di9Mt7yIvt4aLIhngvRVx0nuL3L9Eao2MWbRqLf62MECbnOKE7cwwp_4WfYt_fSbE78JIEDZz5-o0ibGTm8HbekYuG_ftDOnWwT9H8w_9Bih57sxqyZDCpzKwz4BwkXddypgePSgBYaEsMvLjL0XchK0tFghFbh0qBXs-PkZIo50JIarjZPWymbzlkkz71PFmuVQZfFg8-PLBE4UWqw_MDUFusIpb3Y7hKcYm8-jwY44AYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLKgiaOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17y5SDqVmXyghe4TlvquUzccBwiw%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 10:08:18 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F7BA 115 KB
14 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Rzr5B41yWlmHQiq%2F8JFAg4%2B0VY7aq4f0VHcxBlAb7xSj%2BQWzGYkE6EzMmAJGuHAUaQwPLVdCBSH2pfIBpd4%2FmvO6Iffv8V%2BRmwug0%2BKdZm4Mx7JgnA1pH886ZoqqP1GljOWmub0oaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec1531b9b2c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame F7BA 4 KB
4 KB 32ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf1f567fd0e29d5899e287541a1623601c1b33cea621dbe80eaefbbaea28ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130566
cf-polished: origFmt=png, origSize=4006
alt-svc: h3=":443"; ma=86400
content-length: 3690
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 06:54:50 GMT
server: cloudflare
etag: "22de341e7cd2b7cc34bb6862e6295571"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z5VVAI3QFct%2BSJIsZofFb0ZtSNklBAcqtmRa%2BI9OSxpXoYDCKsPn3GHKNbQW%2BAY9Tnud1v4fGyak8sjF%2BtJSDUhNRcDLDHerxdHeH%2FTV3AqJ4b2G8izficanxQ3MrUiOiXs%2Bi6CjdlwjflJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b9c2c04-FRA

GET
H3 200 889802724ADCE2146F48FCE7EC90F6CD108DAFCC62496C95A873616DDD732ECF548D8CB44A350646AF2A651EB681F65353F68EF16A780A6B502FA5C548449E34
assets.ad4m.at/ Frame F7BA 17 KB
18 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/889802724ADCE2146F48FCE7EC90F6CD108DAFCC62496C95A873616DDD732ECF548D8CB44A350646AF2A651EB681F65353F68EF16A780A6B502FA5C548449E34
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ec683dddd9075b02220a4d04658adeccf2dd597735da6ea45fe8f705bb195f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136293
cf-polished: qual=85, origFmt=jpeg, origSize=20580
alt-svc: h3=":443"; ma=86400
content-length: 17900
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:22:48 GMT
server: cloudflare
etag: "8b72f81254ef5865f57f21d9ced58b5a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaUPdMfIpPPqT%2B5XsinRq%2Be7L6v6rwv1x5ct3rjHvk9Z9kW7gC8NTFjA8QevEsAMaR6KK4RQbYuJPWXD6XrwGRmcp01EukCO8qGz9PK%2FttjE%2F5Gx5bsjY92dS1Egm4%2FuxbgrdEorxkMk6418"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b9d2c04-FRA

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame F7BA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2024012111081892545119439X117663V1225131106MSviewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_M...

49 B
1 KB

75ms
29ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2024012111081892545119439X117663V1225131106MSviewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 10:08:18 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2024012111081892545119439X117663V1225131106MSviewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame F7BA 10 KB
10 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131214
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCReR9fNU1%2FwitwjV672A8FK%2F%2BIpH%2BZG3AXfQnpl4DDDip0yHYiJ8wCa3TOgDsqcde8IhkD7yh7UXxo1pAOKnvaGoRanPcPS2nmsrOn9yQAc3o6%2Fq%2FCBEPJiUC344l%2BI7Kjh9z36CP9UcK2W"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b9e2c04-FRA

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame F7BA 28 KB
28 KB 33ms
33ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4695728
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYS3LQIKetGkYkoOvg26RVAlePyT7CeqCh%2FMszaB%2FEC2obiAHK5UA7u3NbFPjU%2FrqkSbG05VoLmtHtQH95lL0lnq8BtBo3HBDIuWlxS%2FlBAd4KPUwVsTLIKGA7NekyuNvArunnctSUBrdyMy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531b9f2c04-FRA

GET
H3 200 8B6E3DF87FAE1455C49D37EE4A3C31737BD65C73F40771C5A938F5AF514DA9CB991AC11B6841DABE0D8F93BF93214D57BA78AE5699F10F6CBA8ABB20B16FAF8F
assets.ad4m.at/logo/ Frame F7BA 3 KB
4 KB 34ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/8B6E3DF87FAE1455C49D37EE4A3C31737BD65C73F40771C5A938F5AF514DA9CB991AC11B6841DABE0D8F93BF93214D57BA78AE5699F10F6CBA8ABB20B16FAF8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb78fac7a57b4df84422b70b78e2537036ec7dbb945e2faf30b4585784051255

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140351
cf-polished: origFmt=png, origSize=8225
alt-svc: h3=":443"; ma=86400
content-length: 3096
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:27:20 GMT
server: cloudflare
etag: "108ec4e99015dcfb48e55f166708051b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTmSS2OSONjkfRrzce%2BjJgYWRPnnaLGdMz5N%2F2PoUQWhRK%2BfrxdEUiEB1S9kcg5wsmKIv4LbgaUiSHvuPbRIGcggsv3TYYhAPG6TOdGu5r%2Bj9%2B8leUElIpFdVJgh8buRnXIgjYcW6eRB6ADZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531ba02c04-FRA

GET
H3 200 5994B3DE550570AA372B743FA20155FB62257D1E7071BC7F7A975716C71CA5057862D675BF8B6E748D22C277F3FAF87485141CBCA3B922D9A7A0F33D5737264A
assets.ad4m.at/ Frame F7BA 41 KB
42 KB 35ms
34ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/5994B3DE550570AA372B743FA20155FB62257D1E7071BC7F7A975716C71CA5057862D675BF8B6E748D22C277F3FAF87485141CBCA3B922D9A7A0F33D5737264A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07a0d83eb1e95f6797657b7a0167d6383c8f49c34537199c3fc96f353eff2af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4511514
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 42026
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 09:27:00 GMT
server: cloudflare
etag: "589d1ae7a82a2850411977a4b32e0523"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPOO87W%2BW6oIA93d%2Bldfurfkx2nrmzDIZTocy64r15EMDY2MDDpaiuoSo7I33YS3uglZmTFz2WxFYn1z5bngLNFaegb%2FVt4HUHjQSnv4P7jzwfV9gq7GmAvV%2FQCHTFFBunbyQldLllfVVWVW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec1531ba12c04-FRA

GET
H2

200

cr_18ae07cc-c288-557a-a8ba-b0ebf080864c
res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_75618/ Frame F7BA
Redirect Chain

https://atlas.r.akipam.com/ts/i5033452/tsv?amc=dis.blbn.455799.507632.CRTdfSkjn1c&smc1=oneidY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUroneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&g...
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_75618/cr_18ae07cc-c288-557a-a8ba-b0ebf080864c

44 B
603 B

54ms
14ms

Image
image/webp

2a02:26f0:480:588::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_75618/cr_18ae07cc-c288-557a-a8ba-b0ebf080864c

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2a02:26f0:480:588::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a9321278b7adbbce80afa9b6f00c3bb052156c9c49cf31ef74fe19f5d9922c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="cr_18ae07cc-c288-557a-a8ba-b0ebf080864c.webp"
server-timing: cld-akam;dur=5;start=2024-01-21T10:08:18.565Z;desc=hit,rtt;dur=6,content-info;desc="width=1,height=1,owidth=1,oheight=1,obytes=741"
content-length: 44
last-modified: Tue, 22 Nov 2022 07:47:16 GMT
server: Cloudinary
etag: "ec1df955a6fdbe75609e89c09829379f"
vary: Accept,User-Agent,DPR,Sec-CH-DPR,Sec-CH-DPR,Width,Sec-CH-Width
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Sun, 21 Jan 2024 10:08:18 GMT
server: IGT/2018 2.0
location: https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_75618/cr_18ae07cc-c288-557a-a8ba-b0ebf080864c
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 31ms
31ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848ec1532c392c7b-FRA
content-length: 24
content-type: text/plain
date: Sun, 21 Jan 2024 10:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwPlKsNsWS1A9yM38J5EsLTjUMMFmuu21v7UHPrF833mA84QyCkQ%2FNuiBDoN32gg3ASjRex1Ei6SSXhlk5dtOyQb6WJVEA%2FVal5Dkk9qVKnZHPqskKF1eK4LgBCDS%2BdUMQLhYHA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-krt5

POST
H3 200 rs Show response
ad4m.at/ Frame 1506 2 KB
2 KB 32ms
32ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4b763d6ffc8718a929579aa6cf569951f89afd83d54feda96395b96aca1e8e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUSf142rhY94yu5pmV5VU7%2BNr6orimeHRX1ATiemUGrVqOI52s6RdFOq486rGYw8cFslelmPCyDdNE9L3jqHinCF7Tg%2BcwyvZ65TGIqKZM2yvrW%2BCwjH8UjNhtg7F1Wm0VFzD4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 848ec1535c662c7b-FRA
x-backend-server: aa-reachservice-group-europe-west1-krt5
alt-svc: h3=":443"; ma=86400

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A0AC 0
19 B 46ms
46ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgcwnEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTVAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu61sjiZX-CfpfswhZ1vFPpKlflzd0dfZwzbiga1exjJehu2l2QIVoAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg4OTE1Nzc3ODAxNzAyMjUYAA&sigh=K25mIWuZEYw&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_AlnqYn-Q8ZSuILMAeLmES-uE-dWmEeiOOa19NJY1rJCfv5_f42AS8H_x2YQMLQR7q_Ai9VO3MBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 Jan 2024 10:08:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A0AC 0
11 B 17ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jgq9v8kpe25ycw2k9wtprpqsp61sb6wjfy72mspy9vbscra0jz3m09mja0ntp86fh161q57z09z1bzs436p64ntcptwy7v0zbxgevb6r85ctrv4thm92ste8kyxszv8kbhadgk6pvkhgyey7erjkm6jcxx9g4x40bc6svzks7qvrd2e8ncm76ya22qh2ppq7v3zdrbygtrnrnc3evnn9e6zg00qyjvmd6ac9gq1452f03hn1esv79ce4h2kpvskwqsbhkeg648rkz8frc2hdrgejk0n6k5znmwyqfygkrg2gx8hed5v8bcbs6ah7fr14txf1rx2tfc7kw8j38bxv2yyb3zpwrx9kzwh4e80s3ejzqjyhdjwt0xfhzhjhna4taycebv9n1j98fr&b=ZaztEQAKwUoKZOXFAAQfWGRqjAN21cVWHytU7g&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=90&adk=2302193839&adf=1987564233&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&to=qs&pwprc=5492384433&format=1200x90&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697603&bpp=1&bdt=4058&idt=-M&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x600%2C1200x280%2C1200x90&nras=4&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=2098522256&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 link.html Show response
track.webgains.com/ Frame F7BA 2 KB
2 KB 154ms
73ms Script
text/html 18.132.155.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jz8v68rvz6znd3wkyk5mf2dcycdr9nrvd5e2r4k6gxj1v4q4rscezpmdefrgvqk9d3d0ak6pdm5w953c0cq6tp58nrc8d9cfp1ayc1kdmyd1retsg4rh1wwgc10nm2ndzxns2ne6xszdmyv9zkhvh9v0kcg7mj5dn3am6dynbshykpapv0caat069vr3nqqvegagj8qnapnbkt5n0azsg6t6396y18ypfgmg0gttgnce0qn438ss8903v3w716qdxeev58%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%252526client%25253Dca-pub-8891577780170225%252526adurl%25253D&clickref=oneidVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&viewref=oneidG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaEoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2f8c82059ec6bcd17eb0751f8d6c9a7e5040bc58f59d88f1b6ebf8c192c6ff28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Sun, 21 Jan 2024 10:08:18 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 21 Jan 2024 10:09:18 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2AE5 9 KB
4 KB 36ms
36ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb321c8917b4cd2798ad07084aeaaa7290ad6fa5df3bbcc52a185c2414809e49

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hag7hnbvpmecya2txzp88gfj67hyb1yfsvgznwnzm4vz3w8765d1ztq4p0524c5pz4sp2enp1s8751dzrqfpj8mhcr8wdrdq006362e9gn226t82qp1sj67srsv9x4wc20wq9sazh91xg0xgrz58mp4c366jgbxa9veg678eqq16s4fjqvj15gv15w95ed4z9ze1r2r4p90btkfk5abrx87nqnaya8pffenk15pn8whyzn7c05m7fmnh4y11t9g9h5c0ec2xez1evadabzpnxy3g7cxbwqnvkjd0xw7yx05gx4etpwwt0jbw51tba1vmpz3d2qt62hptk0tdjmg0ynjh0jsxqmptrm8kct8xc1zer1304nr9r3tk7wsv99gy8scsqg3tt4fzt9j9m5m5tqetqgfkf8ajk90wpxxt6hgccrfj9vsnm9ds5zcae1w4r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%26client%3Dca-pub-8891577780170225%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848ec1539c142c04-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 5838 43 B
251 B 48ms
7ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=126&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tambayanstelesereyes.su&L1id=1000428&L2id=50000154&L3id=60015627&L4id=70003359&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1705831697972&r=996755425396&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bedc=1&nosend&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 5838 43 B
251 B 47ms
7ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=126&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tambayanstelesereyes.su&L1id=1000428&L2id=50000154&L3id=60015627&L4id=70003359&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1705831697972&r=996755425396&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bedc=1&nosend&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 7ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Feu.adventori.com%2Fcreatives%2Fdubai-tourism%2F202010-alwaysOn%2F160x600%2Findex.html%3F_format%3Dhtml%26_dataSize%3D160x600%26_confSize%3D160x600%26_placementId%3D387246%26_campaignId%3D16252138%26_brandId%3D16248439&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=553&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A448%3A274&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=126&cd=0&ah=126&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207009&na=1638480946&cs=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2AE5 115 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1919800
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArCbgV%2FDDBBQaa6mZm%2BQprwgWe5%2BoIbbluRFkb5d7UDRpw8%2Bqkm7ksiQiMZ1xWqcDwS2z4iPqPAXucEuORs%2FIwiFtLPvuuKxFQ17jz%2BdO7S2LwzUf0MeHcPKW6UsmogE98HibmTsV58%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 848ec153dc532c04-FRA
expires: Mon, 22 Jan 2024 10:08:18 GMT

GET
H3 200 B822EE60584E5D0A94D7F72EA93E068549DBDDE069EA82E64097160FA47DA58679343A64AED6D70E76893164B693DD4344812F41ABAB7E5A92AA42E22AD9CB76
assets.ad4m.at/logo/ Frame 2AE5 8 KB
9 KB 25ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B822EE60584E5D0A94D7F72EA93E068549DBDDE069EA82E64097160FA47DA58679343A64AED6D70E76893164B693DD4344812F41ABAB7E5A92AA42E22AD9CB76
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df401f6d2a5004901e2cee63bef0497715284cb163d85bc2861ca055cf7c779f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4506137
cf-polished: origFmt=png, origSize=19563
alt-svc: h3=":443"; ma=86400
content-length: 8608
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:33:18 GMT
server: cloudflare
etag: "a34b0613c5de1381d82a987871ed3fd4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTx8wbk6gi%2B7v9o3AM7vsc2O5pWR8DYmJxAZADSXUHKEH23KQwV7TieGy1Tat%2BNyKx9w%2Bu0GDKLnaUhRr4P02mcDM%2FIbW4sap1JpowMFb6PA3UeZKpOA5n%2F%2B8dtbN0HpH3R%2FefemlWZs2BpZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec153dc562c04-FRA

GET
H3 200 1767FDB1E55B9D11C8990D3890AD592A2C67856D6D6932C911848DCF5824AF075FB80AF7041FE412CCD9260562321FC220C57024A665465A4450D221F4E3FCFD
assets.ad4m.at/ Frame 2AE5 42 KB
42 KB 28ms
28ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/1767FDB1E55B9D11C8990D3890AD592A2C67856D6D6932C911848DCF5824AF075FB80AF7041FE412CCD9260562321FC220C57024A665465A4450D221F4E3FCFD
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6044955b9414c2cc35e8bcb32457b972f62266cc998cb43177f944c613c5deb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4605298
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 42593
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 12:45:36 GMT
server: cloudflare
etag: "c5c34b2a9b203319263effbcbf2de469"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHtAbc2ymmmNgHBoqhHq83CqdkaVmJaZ6tduAv4b3DUPwrPQgmxWFJnyR8y0S9K3Zy6%2BxVh6Jb7RZwASrf9jvAhLWxKp1QzvU%2F6HC8EU63E8lUrg5gvsuINRf1pydfafaa1dydfhAl3%2BijEy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec153dc572c04-FRA

GET
H2

200

cr_337dff5c-80dd-5d5f-aaf4-db7583b54d62
res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_82470/ Frame 2AE5
Redirect Chain

https://ibdhut.ltt-versand.de/ts/i5039242/tsv?amc=dis.blbn.455799.471580.CRT0GtEwW-T&smc1=oneidDGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phVoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=...
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_82470/cr_337dff5c-80dd-5d5f-aaf4-db7583b54d62

44 B
603 B

14ms
14ms

Image
image/webp

2a02:26f0:480:588::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_82470/cr_337dff5c-80dd-5d5f-aaf4-db7583b54d62

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2a02:26f0:480:588::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

a9321278b7adbbce80afa9b6f00c3bb052156c9c49cf31ef74fe19f5d9922c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="cr_337dff5c-80dd-5d5f-aaf4-db7583b54d62.webp"
server-timing: cld-akam;dur=5;start=2024-01-21T10:08:18.604Z;desc=hit,rtt;dur=7,content-info;desc="width=1,height=1,owidth=1,oheight=1,obytes=741"
content-length: 44
last-modified: Tue, 22 Nov 2022 07:51:43 GMT
server: Cloudinary
etag: "ec1df955a6fdbe75609e89c09829379f"
vary: Accept,User-Agent,DPR,Sec-CH-DPR,Sec-CH-DPR,Width,Sec-CH-Width
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Sun, 21 Jan 2024 10:08:18 GMT
server: IGT/2018 2.0
location: https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1/prod_creatives/net_253/adv_82470/cr_337dff5c-80dd-5d5f-aaf4-db7583b54d62
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2AE5 7 KB
7 KB 22ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194795
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BLm2QKo75kQelOf8bhHQFHfcPH8p88dPj6yiP%2FSgthSxqkBQPSQkx4NHyEM%2BVomEOM5tgkHxs%2FLzGMhrU3S2IGB0b%2B%2Bk4gbqI5lqZis83yzq%2FhCtWmzasJe6g%2FNVWZuynj3sXEVet6RIUGY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec153dc582c04-FRA

GET
H3 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 2AE5 25 KB
25 KB 23ms
23ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3980641
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBO2XHK%2BMwE0jrhr6vviGV0OIeESCQ26SGPQc1PEuAC6ScNV6UFD%2F%2FQ7%2Fo2HvqhRbq0uxdlCe%2B3lR%2BgYVQiN7xZNJmJVzNF%2Bdl%2FgxR7iBVVN7z%2FfB15oHAxXgoqR0RXQXg4teFa5FnFL3NYb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec153dc592c04-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 2AE5
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTdoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1705831698_ffe61620-b844-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=

0
491 B

54ms
27ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1705831698_ffe61620-b844-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 848ec15458b55b8c-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sun, 21 Jan 2024 10:08:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1705831698_ffe61620-b844-11ee-8694-226555b1c0ac&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
assets.ad4m.at/logo/ Frame 2AE5 19 KB
20 KB 20ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137272
cf-polished: origFmt=png, origSize=22787
alt-svc: h3=":443"; ma=86400
content-length: 19466
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:10:05 GMT
server: cloudflare
etag: "4b9704be0737f6ef5c79d5399f862263"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBkaCIGZg3bFx8S66dxmxN7%2Fs26oz9l2KFPnIuF01HZ6u%2FLAQmzO%2FZHYtUgnOpMlra9GnryTSk11sLJxG0Q6OSOfljuDuaYzHOn9krFogySjE6BUCIWri84PkUyCzAnzqvcq2TMogFCoaGu8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec153dc5b2c04-FRA

GET
H3 200 4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
assets.ad4m.at/ Frame 2AE5 36 KB
37 KB 21ms
21ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6a31c295e712e8e9e0875189171f743c70a2da3d2b3f975ed577844698fc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 845841
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 37180
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Jan 2024 15:10:27 GMT
server: cloudflare
etag: "9e3ea7345b998abf34ffc42fd4d7f7df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef6gpVrEOV5MK5AVvU40FqoHOgKk52vH7AW75EeeFVgtXmEYV2YNBNpgJjFF%2BSRFqZoy6kjZRF3ZOkm0QDAHRnecmxjIXUtp2%2BxrI6gWG5O1GRdultWe6sVzt9vCa1iaYwsAt%2FX%2F%2FO%2BPlO%2Bj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 848ec153dc5c2c04-FRA

GET
H/1.1 200
OK af4ff75e9ff0f691fd8dd53e639ddaad Show response
netzwerk.uppr.de/trck/epv/ Frame 2AE5 549 B
1 KB 251ms
201ms Script
application/javascript 147.135.143.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneideWDC3f72guD34S8CZHet1t431hjTQTx64a1oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.143.66 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e5b6d98fc3723ca67715e501f8904a7eade81db109f22d710c8cf4b27a8baf82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
attribution-reporting-register-source: {"source_event_id":"12200505250107494","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
x-iplb-request-id: 515F0528:CC80_93878F42:01BB_65ACED12_16B100A:4AE3
x-iplb-instance: 54193
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 549

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 10ms
9ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=615&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A448%3A274&aa=0&ad=37&cn=0&gk=37&gl=0&ik=37&ic=37&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=126&cd=126&ah=126&am=126&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207009&na=729679106&cs=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 5838 43 B
251 B 7ms
7ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=37&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tambayanstelesereyes.su&L1id=1000428&L2id=50000154&L3id=60015627&L4id=70003359&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1705831697972&r=996755425396&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bedc=1&nosend&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 5838 43 B
251 B 7ms
6ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=37&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tambayanstelesereyes.su&L1id=1000428&L2id=50000154&L3id=60015627&L4id=70003359&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1705831697972&r=996755425396&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bedc=1&nosend&q=4&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:18 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F7BA 54 KB
19 KB 265ms
14ms Script
application/javascript 18.66.27.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jz8v68rvz6znd3wkyk5mf2dcycdr9nrvd5e2r4k6gxj1v4q4rscezpmdefrgvqk9d3d0ak6pdm5w953c0cq6tp58nrc8d9cfp1ayc1kdmyd1retsg4rh1wwgc10nm2ndzxns2ne6xszdmyv9zkhvh9v0kcg7mj5dn3am6dynbshykpapv0caat069vr3nqqvegagj8qnapnbkt5n0azsg6t6396y18ypfgmg0gttgnce0qn438ss8903v3w716qdxeev58%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%252526client%25253Dca-pub-8891577780170225%252526adurl%25253D&clickref=oneidVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&viewref=oneidG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaEoneid__suite_Mweb_Netmix_Reach103_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.27.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-27-36.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:23:26 GMT
content-encoding: gzip
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 17093
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: iSnxS62Y6h1HH60FqpwEx4T0EDc089imMLWj9JiDD2psVpn_TAi7gg==

GET
H2 200 1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png
cdn.track.production.webgains.team/265645/ Frame F7BA 4 KB
4 KB 266ms
15ms Image
image/png 18.155.129.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/265645/1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png?Expires=1705831998&Signature=kpZbDLgKxjPhYBqExOnOHlCIqDZVmQOurtYC4wdhApQFiEVzpuDOsa9FA~LO7KazviS8YWJUfXj3~kM5e1UdScI1LxZhc-4V0-Cgo8niK6EAC~YUNaqDbOYQj3mNrgHlLnmQLeO6wt16HCu9MX-Ln7y3-slEk7TpJXO2BRT5IEHd5hkJOTPusGhGzz5pM-Y8Uk4tew~eqBDpyubQ49KDOl7aafJ3pKOiXozbmJNQV2WYA~4Cpt3MmvGmY20jYHiE5Uhr9Qd2sYuixv-fH7teKJlo4sEATRe~u0vzrT8nz9ynpqR9R1QZK2E33wk3fbSnBUoDp32lcJ7vdnLNDvBygA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197100%2C183975%2C473823&b=WXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2%2CG54FBf8MYSXq8ka1CeHGtPtpWra2TYTeGQaE%2CY9DCrfWmGSgQzXtGC9HetQtwY3CAT1T47ZUr&f=5KqcXf8M4SWjXzfWC7HMtkCEEkUETVTVqgU1%2CVgDtwfKE6TD7QPHGCbHAtXCE2MakTzTzEeTQ%2CqjBamfkx1HqYZzHKCgHDtRC3KqcPTgTA7mc3&c=728&d=90&e=&g=fa2c48b7b1df2c48cfcc0a16e4a0d608%2F15578290701135751226&i=20773%2C20597%2C30433&j=14%2C21%2C52&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698341&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hppcbfh13fnz8exy4gsc2ns6bz68w40x75z3n2vwavd3dk746sp7ke0e7ym9yvr6qfvsffhc0m80kx6x9exqpzdsabqps5g2gcfz4v97gr90pakqmfb1bqvp5fn00me8bb5cnqbytp41f7140882wf71f5frkdse4v2815b2yehjej51zvnhsha6q1et1stm2pa168dqpnqt7p1agn1xvt496wzdp1by1tqkfaksr430h2mnavd5g6q3t7e4khh1wa0jh2xg5n45ys7d0hhhagn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQbhqEe2sZcCRK8bS5LcPhsy8wAGN-6z2Yei9vbaWB8CNtwEQASAAYJX6joKgB4IBF2NhLXB1Yi04ODkxNTc3NzgwMTcwMjI1yAEJqQKdimvoZUiyPqgDAcgDAqoE2AFP0O59oglQNnNyhnDch9oX6I9LuTfbZTgFBQeKwxkxb4hpELjwJ_1aIUX7wffGwoE4l85wvGTF99Gtx9zc-JHH468Kw4VY4fCwfK3hjiPAmzKK7dif_rg0sy5b48dUjgSY5B1nHt2e4XRqAWoccb9yt9ZBoYoJLQyIYcUD9gA25NknkvtOVed27NoXqvv21cOGfh6mjOavj2toFhreHqQ3O_pZS5KA1CeRg-7_wm9T3ebq7mc22KIOgq75HOjyKkynV3EV5E514uWUstP0Wm2TKU5LZiwLLz6ABpvO9LiunL66J6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlif74ijnu6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-FJh92BjZWB3lMNQ9Y4WreiHzVA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-96.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 20 Jan 2024 14:06:48 GMT
via: 1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
last-modified: Thu, 17 Aug 2023 14:30:16 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 72091
x-amz-server-side-encryption: AES256
etag: "47f1e003b9b074a403e5469f531658f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3904
x-amz-cf-id: 0JPG-T05RD9Ga-UFIUoG3o5xsA4WwCa8aS6lZ_X9-1EMeVba03nhxQ==

GET
H2 200 postview Show response
www.eprimo.de/ Frame 600B 334 B
462 B 41ms
8ms Document
text/html 18.158.75.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview?hp=8000001991&pvid=65aced12141e30d18a7bbb83&gdpr=0&gdpr_consent=&gdpr_pd=0

Requested by

Host: netzwerk.uppr.de
URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneideWDC3f72guD34S8CZHet1t431hjTQTx64a1oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.75.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-75-134.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 21 Jan 2024 10:08:18 GMT
etag: W/"65a4fd24-14e"
last-modified: Mon, 15 Jan 2024 09:38:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 88x31.png
ht.uppr.de/campaign_118_eprimo/20210714_Logos/ Frame 2AE5 4 KB
4 KB 89ms
7ms Image
image/png 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_118_eprimo/20210714_Logos/88x31.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=879831%2C14019%2C12798&b=DGbs3f8KWSgKZrSPCmH9t1tKwPCWTmTk6phV%2C9KAcMf52WtYKpcQCBH2t7trDKCwTmTZqkTd%2CeWDC3f72guD34S8CZHet1t431hjTQTx64a1&f=d5BFEfqmPa8YXRhVCjHwtqCwKgU3T4TGkZaj%2C1K4cbfmpASYWbcQCdH9tpC239sRTKT7zqUA%2CDGbs3f8KWSMRdfPCmH9twCZm1aWTmTk6phV&c=728&d=90&e=&g=38b14cd377106b76a46f0f1cbfcf4f84%2F3767923152007128477&i=29563%2C21596%2C20363&j=52%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Mweb_Netmix_Reach103_TopRotaMonth&r=1705831698468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1haacx1akzynws9gzte7dsr256je36pcgd34p9zqeqsjetjn629nbemmem4tsenjrcc3rb6c27gf1jrnrzm582ag0kxkcd1ys9xjdnz4yjgdmykw33p01k0mqxf6rdkv96pde2vr3ty6ytc23ahbx24pf1xp6012hw8z6df2hhp2jtg8km21ae1x9g0vq9kkwfe58ta20r7zyjxzf3xsk7bf7b1pq2p17kv29rdvjzg7bapesb85zb0jm8bvezz1y02degwr6rc67ff1b9kskd26%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp7hoEe2sZcqCK8XLkwPYvpCwBY37rPZh6L29tpYHwI23ARABIABglfqOgqAHggEXY2EtcHViLTg4OTE1Nzc3ODAxNzAyMjXIAQmpAp2Ka-hlSLI-qAMByAMCqgTYAU_QH12gnq6hx78jbJFT_s7aYejU7lhdh-mZLn-MLMCzf0gy1pQJII16gXS3P5oQaEBlF6A3jP_1q5x42QCwxJLoqWLnYiX5fjHE4MQ2FMeOoCRZ97iF6zLab16FiS93KCk2eBM8TZUMWMkGV43ckFcTL7vgdgTqL7uqB4gz6_vXlNW-JeiKiJA52NtvyMKy1qAQ3xgDeqKlloJzf78jEP5mPAgA3kj1cM6YBD0jIu73sBkLiBkY5TO3xQHBKG3M0eJ52k1xf9lRPDoi9_HYVgNjS_tInip4yYAGm870uK6cvronoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnkiKOe7oMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1J5DUTRkkL0D0pXfdHkUcmbz4cBA%2526client%253Dca-pub-8891577780170225%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
last-modified: Wed, 14 Jul 2021 10:35:04 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60eebdd8-116b"
content-length: 4459
content-type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 2A47 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 cookieFork.js Show response
www.eprimo.de/postview/ Frame 600B 9 KB
3 KB 8ms
8ms Script
application/javascript 18.158.75.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview/cookieFork.js

Requested by

Host: www.eprimo.de
URL: https://www.eprimo.de/postview?hp=8000001991&pvid=65aced12141e30d18a7bbb83&gdpr=0&gdpr_consent=&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.75.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-75-134.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eprimo.de/postview?hp=8000001991&pvid=65aced12141e30d18a7bbb83&gdpr=0&gdpr_consent=&gdpr_pd=0
Origin: https://www.eprimo.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 15 Jan 2024 09:38:44 GMT
server: nginx
content-encoding: gzip
etag: W/"65a4fd24-24ea"
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 477B 42 B
64 B 160ms
159ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTXg7zXXWuGz8iTu4aUV8qwLuaXJFfyxWfy0yU-pEkfCd9lMr02snrwvZidQmC2R_medsVo50xkfBalbEY4uVGUUSZJHZkCL37K3Y0JlNt7nqlYSXZ&sig=Cg0ArKJSzE7XdIYV1mXAEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1293947800&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705831697304&rpt=607&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C03A 42 B
64 B 160ms
159ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQcXmtGMCkh_KIHwvgj372bc3o4GdLGl76fZSCWYOaJyVMVUs35ixMrOj4XZzk0hRRkn14OYe6qJEuCaA5INuVOtypmqyFE19AykdQNcsyHOqRdLkHoQ&sig=Cg0ArKJSzF_4hAkG0i5AEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2778862626&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705831697741&rpt=202&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F7BA 16 B
209 B 73ms
72ms Fetch
application/json 3.11.114.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.114.248 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-114-248.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 10:08:19 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 95ms
21ms Preflight 3.11.114.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.114.248 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-114-248.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 21 Jan 2024 10:08:19 GMT
server: nginx

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 7ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=1688&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A448%3A274&aa=1&ad=1111&cn=37&gn=1&gk=1111&gl=37&ik=1111&ic=1111&ez=1&co=1111&cp=1073&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1073&cd=126&ah=1073&am=126&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=1165924723&cs=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:19 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 5838 43 B
251 B 34ms
34ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1073&tet=1111&fi=1&apd=1274&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tambayanstelesereyes.su&L1id=1000428&L2id=50000154&L3id=60015627&L4id=70003359&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1705831697972&r=996755425396&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bedc=1&nosend&q=5&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 8ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=1689&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A448%3A274&aa=1&ad=1111&cn=1111&gn=1&gk=1111&gl=1111&ik=1111&ic=1111&ez=1&co=1111&cp=1073&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1073&cd=1073&ah=1073&am=1073&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=1533744911&cs=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 7ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=1689&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A448%3A274&aa=1&ad=1111&cn=1111&gn=1&gk=1111&gl=1111&ik=1111&ic=1111&ez=1&co=1111&cp=1073&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1073&cd=1073&ah=1073&am=1073&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=2137581587&cs=0
Requested by: Host: tambayanstelesereyes.su
URL: https://tambayanstelesereyes.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 50ms
50ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0856dde410f2232f4427a0aa00512f4abe0d48f41ae695dafe603b64524f59c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12031
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:08:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD97 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 09:02:05 GMT
expires: Mon, 20 Jan 2025 09:02:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A733 829 B
558 B 23ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09cfc8c30452466f82619227c11b01d3052cd5dcbfbf4228fef670ef7f273823

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WpGjcyP-ktFApWbOG2euXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tambayanstelesereyes.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WpGjcyP-ktFApWbOG2euXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 10:08:20 GMT
expires: Sun, 21 Jan 2024 10:08:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BD97 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 01:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 01:19:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A733 0
0 154ms
153ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=67280301293385&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD97 0
10 B 11ms
10ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e-LeXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sun, 21 Jan 2024 10:08:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 161ms
160ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=67280301293385&bg=!f3ylfDPNAAa8BdJLnAU7ADQBe5WfOLAwrTX5WcXZKQxSkIObcxRPcUValJsR8TJBbI9IRiLCnAMRAlYm5Ez0AvztmuGEAgAAADBSAAAAAmgBB5kC0WiEj15K3UKnmeCKtSIi2qFk0eIBeRcrFLp9b-3WHHFmgFCxKKH8exePsKcUBVHFda7rOVQyK45VM6ECg8lyXiPaqNsIzWZ2lmjK-x1HpBMQJmY4K8I1woOLgyHqienzUHRwqmXYToMdtV60K3XzZL1mI1rWaQgQhOmp5hz5_ZRlvSna_gzkPOiCIlRx62BK6PWOAjQ-8MSeaJuv6WbsNkziKGRp2xVv1gLx3JQfBQYsMbvtFQxCmTLDUdzDzMausZuLdOSo-BoO_wRLn0Os4etEVwtu8wfNA0OVTR-jcqkRqQABnve2GGV8UZFu9Ha5WbyBKyHB6a97jQnRXahcMNCdBNU9LbjK2WRJs4BHFhiqUcAUw9uJYWkQ-eSyXuntarWEJE8IW2I5TKWvnVAAWr1MqmWQtT61vX3um3p0OL282SYwuUX01WwF1BzwbY9meAQBy_5-cIPVhoPa1syP1sjqpwN-PIh8q7KYJxDdwatRFkNNmPeNLQ18EnMWJlrXZ8Tb8Lpx4_DzhX0YymBObXwF-VrrihuKZUfFM7sjSp5Ixk0t9suO8NMajvJVq5Tg3XSQnnDKj_gmXK1Dvq4ddrcs2gebOrm7neX6vMYjnXzTiMWucyyj7ySg-vWpWfGQ_0Jex2I-DC0XNYWSXFXBpsz3sg_fBd5CCGsjonI0oLjy0PAY3r3loizKZkaKhXWiBeqCOZSXacELKm5emBKPpggaEPflUjCjmQxLrrt6OGAQuA-zwLk86jso1eOfkoOPEXBFM_8Hw8aHjuX7wdNzhewyr3p9RBh0_1rns0lXl3uUcyo7DjnHhXbAv5CNumfQaYFehJFrMDKFmUTm8MTw6S6dbe-XMA0PrdsyOCHH4DDymsREX5IHNaAeL8xMY7yFJCbwh9pGuVkk80NIy_adL6oiprG4I7r601LloRfWg--iww-Su6kUmO1YCb0BkGZqXoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tambayanstelesereyes.su/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 5838 43 B
251 B 7ms
7ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1073&tet=4926&fi=1&apd=5089&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tambayanstelesereyes.su&L1id=1000428&L2id=50000154&L3id=60015627&L4id=70003359&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1705831697972&r=996755425396&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=tambayanstelesereyes.su&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&bedc=1&nosend&q=6&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 10:08:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 10ms
9ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=5704&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A448%3A274&aa=1&ad=5127&cn=1111&gn=1&gk=5127&gl=1111&ik=5127&ic=5127&ez=1&co=1111&cp=1073&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5089&cd=1073&ah=5089&am=1073&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=207009&na=568594120&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5838 43 B
265 B 8ms
8ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2553148879&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%7D%406U.hDnBmOPF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bw%5EjrG%3DzI2%2BA%248RSzOFnUi%3FCFm%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gahQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-Dr7RCmgcJXlbBw%3D%3D&sc=1&os=1-6g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Ftambayanstelesereyes.su&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Ftambayanstelesereyes.su&t=1705831697972&de=996755425396&cu=1705831697972&m=5905&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=191&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A448%3A274&aa=1&ad=5328&cn=5127&gn=1&gk=5328&gl=5127&ik=5328&ic=5328&ez=1&co=1111&cp=1073&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5290&cd=5089&ah=5290&am=5089&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=1000428%3A50000154%3A60015627%3A70003359&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=tambayanstelesereyes.su&zMoatSubdomain=tambayanstelesereyes.su&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=2WmTuNSAzClcvvs_Yndhm_BO7ZL48rfUUMQG0A&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=207009&na=336810583&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Sun, 21 Jan 2024 10:08:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:08:23 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:33:43	Name: userId Value: Ey7HI69KPH3fsGnOL5_25wwHbO23zrp0
.tambayanstelesereyes.su/	1970-01-21 03:12:07	Name: __gads Value: ID=5bbfc32c8b9a4ca9:T=1705831697:RT=1705831697:S=ALNI_MbGZdNlnRhegzlD_gC4HwxghstOaA
.tambayanstelesereyes.su/	1970-01-21 03:12:07	Name: __gpi Value: UID=00000d45a0f81bb4:T=1705831697:RT=1705831697:S=ALNI_MaN8sCytNep1ZcPeIT2kRzOjA5mRA
.travelaudience.com/	1970-01-21 03:22:12	Name: _tracker Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22A2613AB4-2FA2-4738-9EA5-A78A71CC7F0A%22%7D
.adventori.com/	1970-01-20 20:00:07	Name: tk_ui_third Value: 1
.adventori.com/	1970-01-20 20:00:07	Name: tk_ui Value: _4V_kbhEEe6KQ-3-icPQPg
.adform.net/	1970-01-20 18:35:10	Name: C Value: 1
.adform.net/	1970-01-20 19:16:55	Name: uid Value: 28780251611829441
.everesttech.net/	1970-01-21 02:36:07	Name: everest_g_v2 Value: g_surferid~ZaztEgAP9twd3gAM
ads.travelaudience.com/	1970-01-21 03:22:12	Name: _tracker Value: %7B%22UUID%22%3A%22A2613AB4-2FA2-4738-9EA5-A78A71CC7F0A%22%7D
.innovid.com/	1970-01-20 20:00:07	Name: uuid Value: 26423ed8-4414-4691-a3d5-64959200b0c4-20240121 05:08:18
.ctnsnet.com/	1970-01-21 02:36:07	Name: cid_91fcee9101f84d959ad1c97616c06f7d Value: 1
.ctnsnet.com/	1970-01-21 02:36:07	Name: gid_CAESEPGo4PXPYbzuNfGkHGhGTco Value: 1
.w55c.net/	1970-01-21 03:22:12	Name: wfivefivec Value: tdShOeZz1RruKu5
.w55c.net/	1970-01-20 18:33:43	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-21 02:37:34	Name: suid Value: 97E08DC659654CB6BF01D2B59B90A4DF
.doubleclick.net/	1970-01-21 03:12:07	Name: IDE Value: AHWqTUlj4asF0cbBPnYFTJ0kXdn9hC-mGSmfruIw9Rv28HKh667fRtK5pNA5SNgGdws
.yahoo.com/	1970-01-21 02:36:29	Name: A3 Value: d=AQABBBLtrGUCEPPngh7Gr5zWuL_x3aF2BN8FEgEBAQE-rmW2ZQAAAAAA_eMAAA&S=AQAAAi1-bsxeUwhwKuzNYTGNIyE
.turn.com/	1970-01-20 22:09:43	Name: uid Value: 4028936937180404281
.awin1.com/	1970-01-20 17:53:24	Name: awpv14702 Value: 412871\|1705831698\|ffd85a80-b844-11ee-b3cc-2233d0695e79
.awin1.com/	1970-01-20 17:53:24	Name: awpv9145 Value: 412871\|1705831698\|ffd9ba10-b844-11ee-b3cc-2233d0695e79
.awin1.com/	1970-01-20 17:53:24	Name: awpv20044 Value: 412871\|1705831698\|ffd8f6c2-b844-11ee-b3cc-2233d0695e79
.r.akipam.com/	1970-01-21 02:36:07	Name: tsv Value: kGk!IVLQsJWgVb0!AQ\|CCrA!A!~trvWlJA*39
.awin1.com/	1970-01-20 18:00:36	Name: awpv11938 Value: 412871\|1705831698\|ffdd3c81-b844-11ee-86b5-22356fe9f584
.awin1.com/	1970-01-20 17:54:50	Name: awpv11354 Value: 412871\|1705831698\|ffe61620-b844-11ee-8694-226555b1c0ac
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.congstar.de/	1970-01-20 18:00:40	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1705831698_ffdd3c81-b844-11ee-86b5-22356fe9f584%22%2C%22sp%22%3A%22awin%22%7D
.blau.de/	1970-01-20 18:00:36	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTM2MDAwMDAwMDA2MTcwNTgzMTY5OHZsZWExZGUyMDI0MDEyMTExMDgxODkyNTQ1MTE5NDM5WDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWRXWER0cmZyRVlGWkJKcnN4QzVIanR4dFhYUUZQVEVUSkF6dDJvbmVpZF9fc3VpdGVfTXdlYl9OZXRtaXhfUmVhY2gxMDNfVG9wUm90YU1vbnRoMTE3NjYz
.blau.de/	1970-01-20 18:00:36	Name: nscQ486 Value: V
.blau.de/	1970-01-20 18:00:36	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2024012111081892545119439X117663V1225131106MSviewoneidWXDtrfrEYFZBJrsxC5HjtxtXXQFPTETJAzt2oneid__suite_Mweb_Netmix_Reach103_TopRotaMonth&wfid=117663&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTM2MDAwMDAwMDA2MTcwNTgzMTY5OHZsZWExZGUyMDI0MDEyMTExMDgxODkyNTQ1MTE5NDM5WDExNzY2M1YxMjI1MTMxMTA2T
.ltt-versand.de/	1970-01-21 02:36:07	Name: tsv Value: kK8!IVLQsJWteJM!AQ\|CZSg!A!~tOQFNeA*3u
.o2online.de/	1970-01-20 18:00:36	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNzA1ODMxNjk4dmxlYTFkZTIwMjQwMTIxMTEwODE4OTI1NDUxMTk0MzdYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 18:00:36	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 18:00:36	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2024012111081892545119437X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNzA1ODMxNjk4dmxlYTFkZTIwMjQwMTIxMTEwODE4OTI1NDUxMTk0MzdYMTE3NzAzVjEyMjYxMzI3MDJNU
www.conrad.de/	1970-01-20 17:54:50	Name: HTLP_timestamp Value: 1705831698629
www.conrad.de/	1970-01-20 17:54:50	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:50:33	Name: __cf_bm Value: rYAdjXcTyI927U.jZp0SulQJc1iJuJSUaB6.sWqlFaQ-1705831698-1-AaIr5DNKpOU5Ms0SWTkNcmiPFKxag03ATDOXwuI1szO6gdZbAiUm4eGmauLpPhr8z9K2VegaZR0VRBZ0YJ0Xxco=
www.eprimo.de/	1970-01-20 17:54:50	Name: upprPostView Value: {"hp":"8000001991","em_source":null,"emid":null,"puid":null,"pvid":"65aced12141e30d18a7bbb83","lifetime":"2024-1-24 11:8:18"}

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891577780170225&output=html&h=280&slotname=8770311031&adk=1293947800&adf=3598941429&pi=t.ma~as.8770311031&w=1200&fwrn=4&fwrnh=100&lmt=1705831697&rafmt=1&format=1200x280&url=https%3A%2F%2Ftambayanstelesereyes.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705831697298&bpp=2&bdt=3753&idt=2&shv=r20240118&mjsv=m202401170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7235112623397&frm=20&pv=1&ga_vid=1176271165.1705831697&ga_sid=1705831697&ga_hid=1291952858&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31080442%2C44795921%2C31080505%2C95320376%2C95320868%2C95320890%2C95321626%2C95322162&oid=2&pvsid=67280301293385&tmod=797676438&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQ2bjzWD6hwuTSDgNtY6VC0p5WdhFuC2a2a8ir4T9K7nr_zJ_Y3rMJnFfLy8Ea13VoAboP_O6xk9x8AByiFXhIWJyiswRnnrLKwmJpM3Vgfe0D1G-ptHJUYjc2boKH8IpeqHL12e8EWEJON410grgVJNA&google_gid=CAESEJEou6jhlymoHv9VyZV6DCM&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
violation	error	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
adventori.com
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
atlas.r.akipam.com
banner.congstar.de
c1.adform.net
cat.nl3.eu.criteo.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
csm.eu.criteo.net
dclk-match.dotomi.com
eu.adventori.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ht.uppr.de
ibdhut.ltt-versand.de
id.rlcdn.com
imageproxy.eu.criteo.net
ius.ctnsnet.com
match.adsrvr.org
mb.moatads.com
netzwerk.uppr.de
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pinoyreplaytambayan.su
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
px.moatads.com
r.turn.com
res.cloudinary.com
rtb.ads.travelaudience.com
rtb.nl3.eu.criteo.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
sync.teads.tv
tambayanstelesereyes.su
tpc.googlesyndication.com
track.webgains.com
travel198849194933.s.moatpixel.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.eprimo.de
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
z.moatads.com
135.125.163.195
141.147.81.223
142.250.185.226
147.135.143.66
15.197.193.217
151.101.2.49
167.233.13.224
172.217.18.6
178.250.1.6
18.132.155.94
18.155.129.96
18.158.46.130
18.158.75.134
18.195.130.181
18.66.27.36
2.18.161.148
2001:678:cb4:bbbb::11
23.192.250.178
23.205.93.33
23.35.237.151
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3032::6815:18d8
2606:4700::6813:afbe
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:480:588::523
2a02:fa8:8806:16::1370
2a05:d018:d29:3601:fb9e:de5f:307d:4267
2a05:d01c:1d8:8100:c911:5d1a:a3d7:1490
2a06:98c1:3120::3
3.11.114.248
34.77.79.66
35.186.193.173
35.187.184.108
35.190.0.66
35.204.158.49
35.244.174.68
37.157.5.84
51.68.38.14
51.89.9.251
54.37.204.178
84.200.5.215
87.118.116.9
91.121.248.44
0129f5be99b790e4a2d1b054c478d7bd628b168ed6b2a0a9c0b74d0e3aaff8ab
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f
018d47c21cbfc5e72ff5935d15d85a2b9267d2523b55fdf325876b1909090cf7
01bf6a4d3cbea9dadf404cd188f7958dc36138e448d6f90b800ea30ae036e98a
01fbfca65701c89f0ad9e73a5e3500b46e7663c01886a082565b867409b840bc
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
047a5b3a29c324f32266de84239eb6a97fc3485737e8982a5dad5ac97eecb635
0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee
07fcd1d0da6fa7a138f398aa484b99cdad68e5731ae83d6cac8f498a0ebc9277
0856dde410f2232f4427a0aa00512f4abe0d48f41ae695dafe603b64524f59c3
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
09cfc8c30452466f82619227c11b01d3052cd5dcbfbf4228fef670ef7f273823
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d5ee8743b8d45969da74b7946346d93dd456e8d1d5efc9b0f6a6246791c250c
0d89524066b13ab117f70f01b60cc264b532dabb40bb55715c4b1cec3ae2d4e1
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465
0e34571c8d944e1e55b5c87ee0b95a2398c805a0254f7c32509f6c8b2edf2482
0fe9781c230bfc4a9b8e0e2ef045f68bff093555ee101b672d9244cdc9927b26
144a0e7cbe04b781458336807e0356ec502aede0e52ee20f5a71b44f0dee2fb3
16d1d82baa4c285c80f061eb894c0ad577efc3bc65626bd1a559f80edeea6c74
1a89afcd794a4983a54db70307439068858e43334fe3e793b6467f63bc08426d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cdad1cd47d2d5852333f94edc59d8bb0178f7874884b216472accdd88525fe0
1d47af3271942dc973e3a44f2f734652abd184998d97caab17a6230eef6e6384
1f1a69d03804e8e53ea4964ac4edc5cfdb18d5496a420eb6c5c69ca570794377
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
230dda87857283ccb65cdc3e5104750336c13f6dbd7fc6f5d88f4426a5233863
23569f43eb13e8b8e63a39a7385238be9391a3e8124950922a5523f08cf0f5b6
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
29ad5ae81229da9bf23f212bb6573c8a45d62a4165fe560e09c5656c4748f792
2aab5a79ced34d2a0ca39b166596c36a365896b3c6d1e8960a22fab9edb8e56e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f8c82059ec6bcd17eb0751f8d6c9a7e5040bc58f59d88f1b6ebf8c192c6ff28
30f82bba7977da140ee09203670133339c3e6623bacc8aa4b92c0e32b09cc739
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fa81ccc6c2b81b0ad44fd7ec10febb6f206a9845d1b8bf3453ba51d02144bc
34f4ebc96e1a92856ad6070c8ed3320911499a8e8859fb1a67212baedd074e41
35106f4af450ced7e266611f64909bf612fd6904a3a12380ed9cb75af99200dc
351df7d7374a249032d547aa9e04b699d83999cd013795ae3055337f8481e7f6
363411a8a1c078746c0e5d19f95c277086287f9ad52a4e932d480d004b999f4b
37f3c209ff4d95fb224af378c3b2fab59d6ae8b0d1cdfc2fcad8591e98b3624a
3a2465e783a9aa5311e8279c7dfc9d0f7ba5439b4cd97c3ffc38f3c89d100bdb
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3bb972305dc9ac1bf932d4dd3e816a93cf43fe37e29dbc26c693b2bc236b5046
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
4522a1476e76fedc04816c392f57a4a91dbce6d44bcecbfa0c7d7fb9eb3c13bf
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
465733440909ac6667ad37c111ac6b6f052853d14d5a9cbe19d163870219a244
4707e53ba48629ebca1197892648e5abfda5bf5db2d7483e2ee63e753c1442de
4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813
48ec683dddd9075b02220a4d04658adeccf2dd597735da6ea45fe8f705bb195f
4bd5cf6400e20aea75c171d52b29fd088f8aa44bb063ae1b3bdb363896a6f74c
4bf3887fe18a589b529fd26761c1cb5f6e6867a28418fedde501c70df70c45c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f8699a5bc72a845b8991a8cbaa65dbc3cd2a64252e04683e310445d368299c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572c81bd1a99e559e2d8c9203a48e7e3ed17ed47a6a5e53c10ca9b0946451aa2
59003ff074b41d04e920874bab61326cb84b4235a07621b31474496bff5dc9a3
5c6a31c295e712e8e9e0875189171f743c70a2da3d2b3f975ed577844698fc5f
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5ccbf5b3ae7a5ef5fb869f463fb089d69be3e8af8157f20f0e0ff65041cd0e49
5e8c83d29dea6243470b9ee1b2a169991a71dfce32195d4b61d44e48058d3c61
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
6044955b9414c2cc35e8bcb32457b972f62266cc998cb43177f944c613c5deb3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6425db30c2f4b4c16c5105a28a748f83e4fff8679941be6ed874c915cdfc12cb
648bdb48e379402c9c95a4234ee9fb93fa02bc547b77e5ed04610e4811810b02
64fd241c296a664bdf5a363d2206097358821d1e0ce880d2f9a825f6fbf370ad
6524c7a37dbd2d845f8c924e1130fc69e3d0681b54b51487a53c7984f267349b
65cb0c98ca33dd9257fdc3004c9873488d2f45b2d24db368b5baf63294a2423b
65e308187351398e32580e3c7a416cd281216d02ca28b4cdef13ca884f1c2663
684d04785f6e6cdf43d4f892c3f45ddb3b5756fc399840ff70e3bae73a01bc20
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70a3bb2a36d217f29e837d070dc4c87f873cedb85b1a5066148b283c1ce9457f
71287bbe81b599e1c714660aefed5ac4a7fec996c66856d21ac83654f23a6e52
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7703c4e3d927622f08ad5c89960238ef9024b4ce1fc24be74ac71846ea675c85
777bb6ff27612d220e678b822acb49a14ee20f649644fbb9fb1fa83fbf974fd1
77fdc2ebec4afc6be8dfed1305d81aa779a3cacf1edd56837caefc03a2b3fc61
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7b96cde7491c8bbf9a865074b6ce9c4fe53b6906c2ca7e2402c64beded814365
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e44d7ab945ab268d6cfa9bda9e1c81641a5ffff8e606db8770152dfd4981977
816df849a50e34e10c7db6e51cd883feeb5300447f46de270521584ffd7b4ee7
83c5840c635e009f19d22edd0299958db471d0c3ad367f3ea1da34b845354937
841fa257d453259e7adb822afaec7d35d6decedce6e33b21be95696d54103f60
845f0a2e15f8e55c90da61b0b00abe4a09fd979546e1b96667b83245533e629a
85150ba6c84a14583c068f48cdbac40bd951c7f4d51bf2ecc253a32bd27bc10f
85a89ee2045a2a314dcce68c994122cefa35a2b07c3dbc72b487cd6faadb434c
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
8ad699b94dcb8ac5c24ab5f4e6bfaa6fa8ddd26d90ff42fc3e395a8310684512
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0
96c7ed97e33ce3ab7cb92fcfd00ce602bb4fc31faf7c11e715c6b73910066935
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1406fe13a9ec1a44dca475731a925d1fb18452e66f5f310a2121bbe78e7e6f1
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3d16330e15cf7067165f91cd75795eb250da8ce8fbeac7d1a061f4383131f51
a48dc232a2b00cfa6f77957e547a6dfe864b9610fdfd624534b6682ac4864140
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9321278b7adbbce80afa9b6f00c3bb052156c9c49cf31ef74fe19f5d9922c42
b20f23fef547a1c50b5cb2a3320ffb3a4387d25f24e73f7320ecd4d9417bc18f
b3cd68f3201ce6b82cf1bedf94449aa245a23ee61b1a4b520eb0acf68aa32220
b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558
baccf45a36486a2abc76291138c8661c88e8a2aa1ad74d279882ae80245e0fb4
bb78fac7a57b4df84422b70b78e2537036ec7dbb945e2faf30b4585784051255
bcecf3419923a5653d60000b6edb7c1e818306f02e1179e6e811c3f18c7f94a7
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c07a0d83eb1e95f6797657b7a0167d6383c8f49c34537199c3fc96f353eff2af
c43f3aa73dbd3a611a2ea3a973ccb99b4ce6aaf19e7e04de5adb76b060f75ee7
c847af5e2671f0a4508f3f4559dd66e33ef0321fdf225317254fdcfb1ab2e559
c8a33e64183ef5e3ed2443484cabd4708e5602d9acf9f2c62c76ddaab8f2a16a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce3d559858044df16660b179be044c1bbd0a50899e71497406fb08acee5825fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d3925d45d3b8e8847401695160ae87e4a798d6064bc79be3b1ea7d2660ef5f53
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d47cec94fe363e95524640048dbb86edfe80e62e47958e880cbcad5745d70590
d536b27c08b430c3a31086bc8b4e5cc0d80b0e94407189b90b385d03af1754f2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d69cb9882549216251663384de0b38d8475a77c3d140f20f313652f758b3d018
dd9263387620380aed5251f808fc54258e80c1865fb2af38b47cbe3865a5992f
df401f6d2a5004901e2cee63bef0497715284cb163d85bc2861ca055cf7c779f
e36246b8219bfd220ce1bc95e76230459591a6e52f21fa862e82155dbe2b0998
e387fdbd22cc33d1e0c3a1c7fadfa325a37fc7062dbe178cacdebe6a949b857c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d6f5368f2d13d71cc2aaa70158ce2647c09a196e9705c015fdd50bf8713ed6
e4803eda0af01b46bcef917a72c16b1d42e157fcb2045f56b9ce40c37de51b92
e5b6d98fc3723ca67715e501f8904a7eade81db109f22d710c8cf4b27a8baf82
e80e55f89af85f4b661c29ab952db79607f1565c7812416a4c6619a28f78d787
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ead545fcb1046493bddf875ea00c2ce392933ff92913137d5dffc9ba3931c5a3
eb321c8917b4cd2798ad07084aeaaa7290ad6fa5df3bbcc52a185c2414809e49
ec353efd488fd717cd879488d52c1467358f6254d1b3520a3b2a3e1f61497b67
edf1f567fd0e29d5899e287541a1623601c1b33cea621dbe80eaefbbaea28ff1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c926922a4a9d225edad8548ee93b9b89293911509426b8db5c89855027f88
f01a0af6a838a805c4d1d3062540b488ecd2b0300fd5d25c7ddc330f072044aa
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f8b6ab3ba2344107041789a477a156ec87b37e2119f77ca1e8a4437e64e7f846
f9740052f52197cc9bbfeb0eec75be6f0ca645314a921a481b7b2f061ad4b003
fe4b763d6ffc8718a929579aa6cf569951f89afd83d54feda96395b96aca1e8e

tambayanstelesereyes.su Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

272 Requests

90 %HTTPS

42 %IPv6

46 Domains

63 Subdomains

47 IPs

9 Countries

2975 kBTransfer

6326 kBSize

38 Cookies

0 Outgoing links

Page URL History

Redirected requests

272 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tambayanstelesereyes.su Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

272
Requests

90 %
HTTPS

42 %
IPv6

46
Domains

63
Subdomains

47
IPs

9
Countries

2975 kB
Transfer

6326 kB
Size

38
Cookies

272 HTTP transactions
6 data transactions