bigimage.11zon.com Open in urlscan Pro
18.66.112.66 Public Scan

URL: https://bigpdf.11zon.com/en/compress-pdf/
Title: Compress PDF

URL: https://bigpdf.11zon.com/en/merge-pdf/convert-multiple-pdf-to-one.php
Title: Merge PDF

URL: https://bigpdf.11zon.com/en/merge-pdf-and-image/
Title: Merge PDF and Image

URL: https://bigpdf.11zon.com/en/split-pdf/split-pdf-free.php
Title: Split PDF

URL: https://bigpdf.11zon.com/en/crop-pdf/
Title: Crop PDF Page

URL: https://bigpdf.11zon.com/en/organize-pdf/
Title: Organize PDF

URL: https://bigpdf.11zon.com/en/rotate-pdf/
Title: Rotate PDF

URL: https://bigpdf.11zon.com/en/remove-pdf-pages/
Title: Remove PDF Pages

URL: https://bigpdf.11zon.com/en/extract-pdf/extract-pages-from-pdf.php
Title: Extract PDF

URL: https://bigpdf.11zon.com/en/extract-images/
Title: Extract Images

URL: https://bigpdf.11zon.com/en/add-numbers-pdf/
Title: Add Page Number

URL: https://bigpdf.11zon.com/en/add-watermark-pdf/add-watermark-to-pdf.php
Title: Add Watermark

URL: https://bigpdf.11zon.com/en/images-to-pdf/
Title: Image to PDF

URL: https://bigpdf.11zon.com/en/images-to-pdf/combine-jpg-to-pdf.php
Title: JPG to PDF

URL: https://bigpdf.11zon.com/en/word-to-pdf/convert-word-document-to-pdf-online-free.php
Title: Word to PDF

URL: https://bigpdf.11zon.com/en/powerpoint-to-pdf/convert-powerpoint-to-pdf-online-free.php
Title: Powerpoint to PDF

URL: https://bigpdf.11zon.com/en/excel-to-pdf/convert-excel-to-pdf-online-free.php
Title: Excel to PDF

URL: https://converter.11zon.com/en/epub-to-pdf
Title: Ebook to PDF

URL: https://bigpdf.11zon.com/en/text-to-pdf/
Title: Text to PDF

URL: https://bigpdf.11zon.com/en/pdf-to-images/
Title: PDF to Image

URL: https://bigpdf.11zon.com/en/pdf-to-images/convert-pdf-to-jpg-online.php
Title: PDF to JPG

URL: https://bigpdf.11zon.com/en/pdf-to-word/convert-pdf-to-word-document-online-free.php
Title: PDF to Word

URL: https://bigpdf.11zon.com/en/pdf-to-powerpoint/change-pdf-to-powerpoint-online-free.php
Title: PDF to Powerpoint

URL: https://bigpdf.11zon.com/en/pdf-to-excel/
Title: PDF to Excel

URL: https://converter.11zon.com/en/pdf-to-epub
Title: PDF to Ebook

URL: https://bigpdf.11zon.com/en/pdf-to-text/
Title: PDF to Text

URL: https://bigpdf.11zon.com/en/unlock-pdf/
Title: Unlock PDF

URL: https://bigpdf.11zon.com/en/protect-pdf/
Title: Protect PDF

URL: https://imagecompressor.11zon.com/en/image-compressor/
Title: Compress Image

URL: https://imagecompressor.11zon.com/en/compress-jpg/
Title: Compress JPG

URL: https://imagecompressor.11zon.com/en/compress-png/
Title: Compress PNG

URL: https://imagecompressor.11zon.com/en/image-compressor/compress-jpeg-file-online.php
Title: Compress JPEG

URL: https://imagecompressor.11zon.com/en/compress-webp/
Title: Compress WEBP

URL: https://imagecompressor.11zon.com/en/compress-heic/
Title: Compress HEIC

URL: https://imagecompressor.11zon.com/en/compress-bmp/
Title: Compress BMP

URL: https://converter.11zon.com/en/image-to-jpg/
Title: Image to JPG

URL: https://converter.11zon.com/en/image-to-png/
Title: Image to PNG

URL: https://converter.11zon.com/en/image-to-jpeg/
Title: Image to JPEG

URL: https://converter.11zon.com/en/image-to-webp/
Title: Image to WEBP

URL: https://converter.11zon.com/en/webp-to-jpeg
Title: WEBP to JPEG

URL: https://converter.11zon.com/en/heic-to-jpeg
Title: HEIC to JPEG

URL: https://converter.11zon.com/en/image-to-jpg
Title: Image Converter

URL: https://converter.11zon.com/en/docx-to-pdf
Title: Document Converter

URL: https://converter.11zon.com/en/xlsx-to-pdf
Title: Excel Converter

URL: https://converter.11zon.com/en/pptx-to-pdf
Title: Presentaion Converter

URL: https://converter.11zon.com/en/svg-to-jpeg
Title: Vector Converter

URL: https://converter.11zon.com/en/dwg-to-pdf
Title: Cad Converter

URL: https://bigzip.11zon.com/en/zip-file-maker/
Title: ZIP Maker

URL: https://bigzip.11zon.com/en/zip-extract/
Title: ZIP Extractor

URL: https://bigbarcode.11zon.com/en/barcode-generator/
Title: Barcode Generator

URL: https://passwordgenerator.11zon.com/en/password-generator/
Title: Password Generator

URL: https://support.11zon.com/contact-us

URL: https://app.11zon.com/login
Title: Log in

URL: https://app.11zon.com/register
Title: Sign up

URL: https://app.11zon.com/profile
Title: Account

URL: https://app.11zon.com/files
Title: Processed Files

URL: https://app.11zon.com/logout
Title: Log out

URL: https://www.11zon.com/clear/?page_url=https://bigimage.11zon.com/en/image-resize/

URL: https://support.11zon.com/en/contact-us
Title: Help

URL: https://imagecompressor.11zon.com/en/image-compressor/compress-image-size-online.php
Title: Image Compressor

URL: https://converter.11zon.com/en/image-to-jpg/convert-image-to-jpg.php
Title: Image Converter

URL: https://about.11zon.com/en/overview/
Title: About

URL: https://policies.11zon.com/en/privacy/
Title: Privacy Policy

URL: https://policies.11zon.com/en/terms/
Title: Terms and Conditions

URL: https://support.11zon.com/en/contact-us/
Title: Contact Us

URL: https://www.11zon.com/en/
Title: English

URL: https://www.11zon.com/de/
Title: Deutsch

URL: https://www.11zon.com/es/
Title: Español

URL: https://www.11zon.com/pt/
Title: Português

URL: https://www.11zon.com/fr/
Title: Français

URL: https://www.11zon.com/ar/
Title: العربية

URL: https://www.11zon.com/it/
Title: Italiano

URL: https://www.11zon.com/id/
Title: Indonesia

URL: https://www.11zon.com/ja/
Title: 日本語

URL: https://www.11zon.com/th/
Title: ภาษาไทย

URL: https://www.11zon.com/tr/
Title: Türkçe

URL: https://www.11zon.com/ko/
Title: 한국어

URL: https://www.11zon.com/ms/
Title: Bahasa Melayu

URL: https://www.11zon.com/ru/
Title: Pусский

URL: https://www.11zon.com/tl/
Title: Filipino

URL: https://www.11zon.com/vi/
Title: Việt

URL: https://www.11zon.com/zh-cn/
Title: 中文 (简体)

URL: https://www.11zon.com/zh-tw/
Title: 中文 (繁體)

URL: https://www.11zon.com/no/
Title: Norsk

URL: https://www.11zon.com/nl/
Title: Dutch

URL: https://www.11zon.com/af/
Title: Afrikaans

URL: https://www.11zon.com/pl/
Title: Polski

URL: https://www.11zon.com/el/
Title: Ελληνικά

URL: https://www.11zon.com/ro/
Title: Română

URL: https://www.11zon.com/hi/
Title: हिन्दी

URL: https://www.11zon.com/bn/
Title: বাংলা

URL: https://www.11zon.com/ta/
Title: தமிழ்

URL: https://www.11zon.com/te/
Title: తెలుగు

URL: https://www.11zon.com/ur/
Title: اردو

URL: https://www.11zon.com/pa/
Title: ਪੰਜਾਬੀ

URL: https://www.11zon.com/mr/
Title: मराठी

URL: https://www.11zon.com/kn/
Title: ಕನ್ನಡ

URL: https://www.11zon.com/gu/
Title: ગુજરાતી

URL: https://www.11zon.com/sr/
Title: Српски

URL: https://www.11zon.com/uk/
Title: Українська

URL: https://www.11zon.com/sv/
Title: Svenska

URL: https://www.11zon.com/bg/
Title: български

URL: https://www.11zon.com/fa/
Title: فارسی

URL: https://www.11zon.com/hu/
Title: magyar

URL: https://www.11zon.com/ca/
Title: Català

URL: https://www.11zon.com/fi/
Title: Suomi

URL: https://www.11zon.com/et/
Title: Eesti

URL: https://www.11zon.com/lt/
Title: Lietuvių

URL: https://www.11zon.com/lv/
Title: Latviski

URL: https://www.11zon.com/cs/
Title: Čeština

URL: https://www.11zon.com/da/
Title: Dansk

URL: https://www.11zon.com/sq/
Title: Shqip

URL: https://www.11zon.com/ha/
Title: Hausa

URL: https://www.11zon.com/am/
Title: አማርኛ

URL: https://www.11zon.com/kk/
Title: қазақ

URL: https://www.11zon.com/si/
Title: සිංහල

URL: https://www.11zon.com/sk/
Title: slovenčina

URL: https://www.11zon.com/sw/
Title: Kiswahili

URL: https://www.11zon.com/uz/
Title: O‘zbek

URL: https://contact.11zon.com/en/privacy-policy/
Title: Privacy Policy

URL: https://contact.11zon.com/en/terms-and-conditions/
Title: Terms

URL: https://www.facebook.com/11zon.Official

URL: https://twitter.com/11zon_Official

URL: https://in.pinterest.com/11zon/

URL: https://www.instagram.com/11zon.official/

URL: https://www.paypal.com/paypalme/real11zon

server-18-66-112-66.fra56.r.cloudfront.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bigimage.11zon.com/ HTTP 301
https://bigimage.11zon.com/ HTTP 302
https://bigimage.11zon.com/en/image-resize/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=C1V3HoIFsZejzCPGB1fAPxaKgoAHWpLzIdK2h5rD9EZzgwovBARABIJzvm3ZglfKLgpgHoAHOq4fUA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTcAU_QW-XYCDit8GGKN1A7StWfFaeKS9AgwXETqkY0icPZDnBqRSIrFR7pLCKK-5eOokPoFg5uMUkfVNlwNQJK3z9iGd2OUB1Jz-srT8PUzH4Ja50tSPTSBypqdwYr3SrZpkJzV7tOpWfX5hnzc9vohGn8U-T265Yw1fd1omsjiLxON6OA5rXY6NpnNsTdEuQt1ZTgCOL3F_S5eGEFTWqIwzYLBX26O6IUvxXWtarcbB6UlLkdGZI8puyCu8xqY0c3yjxDQ95Iu-HipGP9gmi4mKa1y2uy9pVdvXS2iUvABJvLupjJBIgFmc2Q20ySBQQIBBgBkgUECAUYBKAGAoAHxIW_iAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDS-ybSCB8IgOGAEBABGF8yAqoCOgKAQEi9_cE6WLint-eu84IDmgmJAWh0dHBzOi8vd3d3LmNvbmNlcHQuY3ovcm9ib3RpY2t5LXZ5c2F2YWMtcy1tb3BlbS12aXNpb25lLTNkLXZyMzU1MF9kMTcxNjU2Lmh0bWw_dXRtX3NvdXJjZT1kaXNwbGF5JnV0bV9tZWRpdW09YmFubmVyJnV0bV9jYW1wYWlnbj1oZXVyZWthgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTAtAVAYAXAbIXHAoaCAASFHB1Yi0zMDYzMTM5NDQ2MDcyMzI4GAA&sigh=wNhaxv6vCJA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNiFv5w3XVUNlLtalVr7BdNqZbcxdflBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210753772156678325710%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228343046428642254513%22}&andc=true

Request Chain 52

https://googleads.g.doubleclick.net/pagead/adview?ai=CwUjloIFsZe_LDJ6D5LcP_cmo-Afvvta6dOujquaCEsD0xtSRDhABIJzvm3ZglfKLgpgHoAG22KvJA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTbAU_QN73cXxLN_wkjhUCuai1jupJcufSN6LMiKdWN9MXX4s9ZmKWaRaA_-3oDkAOwOplUE2gRW1AZSsMFN7TJD9CkEpJ8w7OChgrQy3YSIQVcKmqe1gqHLgFHjGX0neMzPgtwJxIBXVF7MfZa5BUaZaTVh32rhQoSHXqLsxPZ0tydDpLVqeJT_gt5EB7LpUqYDKp5VxC3IFNppwn90yf3TkCYvR0bWpPKrJjjWHAvoKBdTuBVvIDjMK_6uFYq21L6uowQjkFNmA9PH4SCHSkfgJY53F4iiniH6akiG8AEuNaflsQEiAXb392cTZIFBAgEGAGSBQQIBRgEoAYCgAeyp9Q2qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQyNQV0ggfCIDhgBAQARhfMgKqAjoCgEBIvf3BOli67bbnrvOCA5oJswJodHRwczovL3d3dy5zYW1zdW5nLmNvbS9jei93YXRjaGVzL2dhbGF4eS13YXRjaC9nYWxheHktd2F0Y2g2LWJsdWV0b290aC00MG1tLWdvbGQtYmx1ZXRvb3RoLXNtLXI5MzBuemVhZXVlLz9jaWQ9Y3pfcGRfZGlzcGxheV9nZG5fZ2FsYXh5LXdhdGNoNi1zZXJpZXNfc3VzdGFpbl9nYWxheHktd2F0Y2g2X2Jhbm5lcl9iYW5uZXItMjMxMDMwX25vbmVfMy1vci1tb3JlLXRhcmdldGluZ18zU0FNMDIwNEkmdXRtX2NhbXBhaWduPWdhbGF4eS13YXRjaDYmdXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT1nb29nbGUmdXRtX2NvbnRlbnQ9YmFubmVygAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMDYzMTM5NDQ2MDcyMzI4GAA&sigh=V0r28JOwZCg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNjfLBKM6FS6FdQ366OgdS3Fvt65OEURgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217720667005374315234%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22959114294%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225116799260701375217%22}&andc=true

Request Chain 67

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a09140f4-025c-4445-a6a1-97b7c02ed7b0&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=bc0c9223-bad2-430b-9ca9-6d5cfa5c0b34&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D6ab30abaa1194bab9285cd39f15330c1%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=486369933165060582 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6ab30abaa1194bab9285cd39f15330c1&SNR=1&GV=2&med=10

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=CR01foIFsZejzDIilkwPhzqiACPeY4rB06NDyjd8RjqzBpacmEAEgnO-bdmCV8ouCmAegAYSMmbwCyAEJqAMByAPLBKoE3gFP0ORLrXpgGrmGIxMcwU5kJru00BLVJDzoM9pf0o9gZrVq9geJBggqp-s62CZDVvuFKOoFmglKSH8eVFEyFfdGI4bX7_MN559Kfq2lVn3-JhFj0DR8cgec_df8SdfxKOhf66Ul5z6zWtgQp6fUdn2ovGfRNRcnG8JECHxaQKhL-5Lqwf4H30g44TssQl0qslp7ylpA9rEhVzbClezblKxsx8vJ-dr6NEBSu-Id_6QixQ4CUIqKCNRSnh63jxWIZOW00SX-tkVAMjsh0VKZMWChy9JiZ6MahcLGeea_2rnABLuakt-6BIgFj7vMm0CSBQQIBBgBkgUECAUYBKAGLoAHu4_-uwKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCxoyLSCB8IgOGAEBABGF8yAqoCOgKAQEi9_cE6WMKOt-eu84IDmgm2AWh0dHBzOi8vZ2V0c3RhcnRlZC50aWt0b2suY29tL2RlLWJyYW5kP2xhbmc9ZGUmYXR0cl9zb3VyY2U9Z29vZ2xlJmF0dHJfbWVkaXVtPXBtYXgtYWQmYXR0cl9jYW1wYWlnbl9pZD0xNzI1MDI4MzE5MyZmdW5uZWw9UHJvc3BlY3RpbmcmdGFyZ2V0aW5nPWFsbCZjcmVhdGl2ZT1UZXh0Jm5vX3BhcmVudF9yZWRpcmVjdD0xgAoByAsBogwQKg4KDOS0sQLutbECtbixArgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMzA2MzEzOTQ0NjA3MjMyOBgA&sigh=o1oXVypXsVQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNsVn_v45Ot8jFbq7N-Hx9_tk4GjGbEhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212854422863640748960%22,%22debug_reporting%22:true,%22destination%22:%22https://tiktok.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663111172%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221623855534229011137%22}&andc=true

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a09140f4-025c-4445-a6a1-97b7c02ed7b0&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=bc0c9223-bad2-430b-9ca9-6d5cfa5c0b34&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D6ab30abaa1194bab9285cd39f15330c1%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=486369933165060582 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6ab30abaa1194bab9285cd39f15330c1&tids=15000&med=10

102 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bigimage.11zon.com/en/image-resize/
Redirect Chain

http://bigimage.11zon.com/
https://bigimage.11zon.com/
https://bigimage.11zon.com/en/image-resize/

318 KB
72 KB

10ms
10ms

Document
text/html

18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

7683d6828c6ec4fe263f783665eedf06a0ee3dadc68b1f0d4cd0c87a796bb4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1054167
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Nov 2023 08:35:19 GMT
expires: Thu, 21 Dec 2023 08:30:43 GMT
server: Server
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: jcK_I1NvRu4N-6AGN9_cRbYGbYczLUDu2MJ7fRQZkeDcFpurXbIn7Q==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

age: 878388
cache-control: max-age=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 09:24:59 GMT
expires: Sat, 23 Dec 2023 09:20:22 GMT
location: https://bigimage.11zon.com/en/image-resize/
server: Server
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: Xv_EWL6W2oOMvgL7ZmNfeoGRN2FrJEIjBVHTkzn88TWK2sEjbZY8PQ==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

OPTIONS
H2 200 token
bigauth.11zonapis.com/api/v1/auth/ Frame 0
0 171ms
134ms Preflight
application/json 2606:4700:3108::ac42:28a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigauth.11zonapis.com/api/v1/auth/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,uid
Access-Control-Request-Method: POST
Origin: https://bigimage.11zon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://bigimage.11zon.com
alt-svc: h3=":443"; ma=86400
cf-ray: 82fc21c628214daf-FRA
content-length: 14
content-type: application/json;charset=UTF-8
date: Sun, 03 Dec 2023 13:24:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iJag1P%2BbsD7kmqxRXdRMkY9oBJcfmg%2FQdXShTPmLLf7pf0hadwhE0ESp0yBu5j%2FMKbfwZnqkSVjOS3mdClqKcc7V%2FQjmp5ViHlDAR5XWluycFZED8TPuLnPpBJAEfCwOWT4Lb8ExCVyftJgcBCsH%2Fg7Gyc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 token Show response
bigauth.11zonapis.com/api/v1/auth/ 380 B
636 B 695ms
695ms XHR
application/json 2606:4700:3108::ac42:28a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bigauth.11zonapis.com/api/v1/auth/token

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a629e923e0fa010cf40cbb739fa7b1d6bdca74538e47119c6e871023103481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigimage.11zon.com/
uid
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
authorization
Content-Type: application/json

Response headers

date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5Wcm5%2FdZnptpLG0hraEXEhVZBVEUYdR72PExmnC5aEE2lVTMW9vBYLTmMjKfq6CQvH1e8USCGfTdHYsFxwVx0BkgBd4UakVJQilB69V8C6mNu0NFnKfYGtJqygDi4M0724dCbvWvqUuCMr8dWJbG804OkE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://bigimage.11zon.com
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
cf-ray: 82fc21c709304daf-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon.png
cdn.11zonapis.com/img/ 984 B
1 KB 75ms
21ms Image
image/png 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.11zonapis.com/img/icon.png

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2eb3c85371ad601bf6d6ec9f55624fe8e6ec63471608c52bf4a095b04e9d53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6376
alt-svc: h3=":443"; ma=86400
content-length: 984
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "6e3ce6cc42f00d5b3bedd9e55d5ea215"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp7aF0qWuw7T%2B0M0sOA8dy%2BcaDwibmUEFo3TWVAtEx7HDzN1duvcFkdriaWD9uch79bw6OL0%2BYOxEf6XLEVsdpjNF0hiG9c%2FKj1iV%2BIgyrD3HaksdMqq9YO5LP%2BStJbG0%2FqCRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
accept-ranges: bytes
cf-ray: 82fc21c65e635c85-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 111ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3063139446072328

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfd0fc4a409c099dd4f2f778266e0baf6c6f2c9ffe0302cfff0edaf6b0319e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Origin: https://bigimage.11zon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52791
x-xss-protection: 0
server: cafe
etag: 1739845481465514722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:47 GMT

GET
H2 200 11zon_qrcode.webp
cdn.11zonapis.com/img/ 3 KB
4 KB 67ms
17ms Image
image/webp 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.11zonapis.com/img/11zon_qrcode.webp

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e42b4975e4b89c7c9a378384c7ccbdd153245d1cb585dde69360f553b10234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449
alt-svc: h3=":443"; ma=86400
content-length: 3240
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "e9d5bd045dcdf5850bb980bcfff74c6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7VLN3bbH1TM34%2FppOh13Svgj5Z4KfZzvi8F%2BedB6LtUPxPJr4oUSeCAcJ0YCWbH58w83i5mg7mD%2BChs7IsOR7Uv5KNl6dI4CzQ0Y01IpCWpRotmC4JDe6apSc5VgwLiqBzxFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, must-revalidate
accept-ranges: bytes
cf-ray: 82fc21c65e645c85-FRA

GET
H2 200 btn_paywith_primary_l.png
www.paypalobjects.com/webstatic/en_AU/i/buttons/ 5 KB
5 KB 85ms
25ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/en_AU/i/buttons/btn_paywith_primary_l.png

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48FB) /

Resource Hash

9cd8e32b2e950c87176a0b75cef2c02a2be7f343e938e86f3fb5d384a368f45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4740f9a0a0bca
dc: ccg11-origin-www-1.paypal.com
content-length: 5112
last-modified: Thu, 24 Jul 2014 17:41:52 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (ama/48FB)
traceparent: 00-00000000000000000004740f9a0a0bca-ee03a22717e47518-01
etag: "53d14560-13f8"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sun, 03 Dec 2023 14:24:47 GMT

GET
H2 200 FileSaver.min.js Show response
cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/ 3 KB
2 KB 36ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/FileSaver.js/2.0.5/FileSaver.min.js

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68874cbaa2fd1650b7d770b328680ea765fb3376023cc3608427fde4f0d0481

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigimage.11zon.com/
Origin: https://bigimage.11zon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 293159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1122
last-modified: Thu, 19 Nov 2020 15:31:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb68fc1-abd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFIqeE9TrJhwbNEKMb1v6TDtQtVMffSejD0c0cQKPj7rc0nkCm%2FsajeqxMxWER5EA7PZ0syKkYsk%2FaLFIXTQPujGeL%2BkijujRURPjwRgkG78UhbnTmCx6XNJtCo5GO1XjCO%2FEm3fD72ODOC1vGTRVDPk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82fc21c618803836-FRA
expires: Fri, 22 Nov 2024 13:24:47 GMT

GET
H2 200 app.zon.min.js Show response
cdn.11zon.com/js/app/0.0.6/ 6 KB
3 KB 18ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.11zon.com/js/app/0.0.6/app.zon.min.js

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

Server /

Resource Hash

2d22feeae3513c1c465ba7a9b21248aed2252bb4d05819020bd2ef25e02ec2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 10:29:31 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 3120916
x-cache: Hit from cloudfront
content-length: 2112
x-xss-protection: 1
last-modified: Sun, 22 Oct 2023 04:39:25 GMT
server: Server
etag: "1731-60846b0ae0740-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2Bpjz4-gZeto2vX3lr7MUeF5iFYngvo_G70UplpIKJhe1RP9jkEcAg==
expires: Sun, 27 Oct 2024 10:25:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 97ms
41ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186849701-2

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78ee76a6e0482a59b90795aeebea124abe28071b7e866ea92a89a7be1b3a784f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69004
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 13:24:47 GMT

GET
H2 200 zonslider.min.js Show response
cdn.11zon.com/js/zonslider/1.2.1/ 13 KB
4 KB 8ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.11zon.com/js/zonslider/1.2.1/zonslider.min.js

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-66.fra56.r.cloudfront.net

Software

Server /

Resource Hash

647e47274d75d0c44196d5071d11450a5caf6f67564cf1056cb703718a236a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 10:30:23 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 3120864
x-cache: Hit from cloudfront
content-length: 4043
x-xss-protection: 1
last-modified: Fri, 08 Sep 2023 07:38:58 GMT
server: Server
etag: "35cd-604d411c6e040-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8RrBczjma8175RHtufpt3MVzBMyFxo7yPXg9d9KtZkQ7aDjJp2MQng==
expires: Sun, 27 Oct 2024 10:25:56 GMT

GET
H2 200 donation Show response
feedback.11zonapis.com/api/v1/service/ 14 B
303 B 16ms
16ms XHR
application/json 2606:4700:3108::ac42:28a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.11zonapis.com/api/v1/service/donation

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigimage.11zon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bigimage.11zon.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tXekcttcSMg9pAMxL9IHSnk5A8XlT4SWiRYq7R44lOYfz%2F09eN233PpYySrbSCeJf4QonbyFgNR9USvfzn%2Fzg1fkw6YE948YYIJZM9FfBiSplyAIQOpPVxbTx19pB1PtWuJs0PgN%2Fih%2Bo4PCk9CLkEIldQf"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: false
cf-ray: 82fc21c6f9224daf-FRA
access-control-allow-headers: authorization,content-type,device,uid,user-id,x-csrf-token
content-length: 14
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 donation
feedback.11zonapis.com/api/v1/service/ Frame 0
0 101ms
82ms Preflight
application/json 2606:4700:3108::ac42:28a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.11zonapis.com/api/v1/service/donation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bigimage.11zon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: authorization,content-type,device,uid,user-id,x-csrf-token
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://bigimage.11zon.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-ray: 82fc21c668764daf-FRA
content-length: 0
content-type: application/json;charset=UTF-8
date: Sun, 03 Dec 2023 13:24:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQqi5wXrKiPp3IBTfUV9F0Swf0McFXvQMDO60%2FZsw%2FcZXjLawSV1JQYh%2FIsuwUUhovvut3s5gyKdveLSxgOzimVTFp%2BNPRlJNRLu%2BMxwxPyjYSL5johuZ5778ud7EdLSy%2FVkqmPRbnyk5B%2FV5a%2BF%2FA3Xd%2FdR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 107ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3063139446072328&plah=bigimage.11zon.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3063139446072328

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e87b95a1b62e148a9d8fa362c48f17bc99f798c9fbf8207c9acfd1bbffeedfbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137286
x-xss-protection: 0
server: cafe
etag: 7437960089844688624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 04EA 9 KB
4 KB 49ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3063139446072328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5N7Y13T7HX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186849701-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4232411242b90bead0e7e3ef31ba15bc72f5c42125b963ea60dac0d66cbdf5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 13:24:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 44ms
13ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186849701-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 12:17:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Dec 2023 14:17:42 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 17ms
17ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=448540796&t=pageview&_s=1&dl=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ul=en-us&de=UTF-8&dt=Resize%20Image%20Online%20-%20Best%20Image%20Resizer%20Tool&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1047504638&gjid=499469170&cid=1930751989.1701609888&tid=UA-186849701-2&_gid=1474804380.1701609888&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=303684730

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigimage.11zon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigimage.11zon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 46ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5N7Y13T7HX&gtm=45je3bt0v9115804496&_p=1701609887729&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1930751989.1701609888&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701609887&sct=1&seg=0&dl=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&dt=Resize%20Image%20Online%20-%20Best%20Image%20Resizer%20Tool&en=page_view&_fv=1&_ss=1&tfd=388
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5N7Y13T7HX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigimage.11zon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B84 196 KB
53 KB 500ms
499ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&adk=1812271804&adf=3025194257&lmt=1701609888&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l&format=0x0&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887824&bpp=4&bdt=172&idt=256&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3225448428571&frm=20&pv=2&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3063139446072328&plah=bigimage.11zon.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d497d9cf26f180fd1cda9a8f3b3bb6da7f50207b00b287a82417c78c267dd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 53917
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CEF2 46 KB
18 KB 783ms
782ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33c1ff82f2a1a0eb8dad133cf2f9ecb2139c72ef409ed9fa90c62ad66fd52a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3816 102 KB
38 KB 480ms
480ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=250&slotname=7926342154&adk=2603456720&adf=3869583371&pi=t.ma~as.7926342154&w=300&lmt=1701609888&format=300x250&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887829&bpp=1&bdt=178&idt=276&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=198&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=279

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

630b834ac095ae18129080e24a46b37d896e42044996112ff35f937ae8a4949f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38669
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAEF 115 KB
39 KB 559ms
559ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=280&slotname=8628995835&adk=3092737744&adf=2032452159&pi=t.ma~as.8628995835&w=336&lmt=1701609888&format=336x280&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887830&bpp=1&bdt=178&idt=280&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=890&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dee9e9a1923f38e40bbfef768e7b9b68614b47627253a40165b54a3c8ffde61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98A9 101 KB
37 KB 527ms
526ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=600&slotname=2717876379&adk=574191690&adf=1851642902&pi=t.ma~as.2717876379&w=300&lmt=1701609888&format=300x600&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887830&bpp=1&bdt=178&idt=283&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C336x280&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1271&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=286

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7951266646cbfb19e25191684e3eb90545308d8604c83eed6d8ae64c682e18ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37996
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40e283dc5cedd94780528edb42efd2fc8d5db432169e3d7bdd3837f557726444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55853
x-xss-protection: 0
server: cafe
etag: 10357776837142349184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H2 200 11386734796606867506
tpc.googlesyndication.com/simgad/ Frame 3816 29 KB
29 KB 75ms
39ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11386734796606867506?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkfsh4K5igMaw2kf2Q0Qm8aUwQirg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=250&slotname=7926342154&adk=2603456720&adf=3869583371&pi=t.ma~as.7926342154&w=300&lmt=1701609888&format=300x250&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887829&bpp=1&bdt=178&idt=276&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=198&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=279

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c66270ccb227548e9c15d5d86049c0751486677825452ef24f33105c4ed690be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:38:07 GMT
x-content-type-options: nosniff
age: 517601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29676
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 10:20:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 13:38:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3816 24 KB
9 KB 63ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:23:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDB3 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=250&slotname=7926342154&adk=2603456720&adf=3869583371&pi=t.ma~as.7926342154&w=300&lmt=1701609888&format=300x250&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887829&bpp=1&bdt=178&idt=276&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=198&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=279
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3816 3 KB
1 KB 52ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3816 20 KB
9 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3816 202 KB
64 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3816 36 KB
15 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:00:45 GMT

GET
H2 200 5145102648626432124
tpc.googlesyndication.com/simgad/ Frame 98A9 47 KB
48 KB 53ms
33ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5145102648626432124?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk9XPetwyw1WHRvm4JEUUSOv65VZA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=600&slotname=2717876379&adk=574191690&adf=1851642902&pi=t.ma~as.2717876379&w=300&lmt=1701609888&format=300x600&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887830&bpp=1&bdt=178&idt=283&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C336x280&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1271&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

142e8e81e7f5f386ba1dd95399acbe43731e2cbcf403603d420591cd8a0bcbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:11:00 GMT
x-content-type-options: nosniff
age: 51228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48482
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:46:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 23:11:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 98A9 24 KB
9 KB 50ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:23:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98A9 3 KB
1 KB 65ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98A9 20 KB
8 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98A9 202 KB
64 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98A9 36 KB
14 KB 62ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:00:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB31 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=600&slotname=2717876379&adk=574191690&adf=1851642902&pi=t.ma~as.2717876379&w=300&lmt=1701609888&format=300x600&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887830&bpp=1&bdt=178&idt=283&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C336x280&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1271&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDB3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame FAEF 6 KB
1 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=280&slotname=8628995835&adk=3092737744&adf=2032452159&pi=t.ma~as.8628995835&w=336&lmt=1701609888&format=336x280&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887830&bpp=1&bdt=178&idt=280&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=890&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 13:23:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FAEF 2 KB
902 B 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:24:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame FAEF 24 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:23:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FAEF 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FAEF 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAEF 202 KB
64 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame FAEF 37 KB
16 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/2976452890627219482/ Frame FAEF 17 KB
17 KB 33ms
33ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2976452890627219482/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9ee2090110e613d157eeb39a94060e27257c5c22288ab9e853881bb776cff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:04:28 GMT
x-content-type-options: nosniff
age: 530420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17702
x-xss-protection: 0
last-modified: Thu, 12 May 2022 14:31:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 10:04:28 GMT

GET
DATA 200
OK truncated
/ Frame FAEF 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB31
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
expires: Sun, 03 Dec 2023 13:24:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3816 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91bd237252778d84985c0b9eb6e3be7efab15fbea08d59151f7891103e981517

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98A9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d578827849ed5115f75a37a26d38267945b0d0b6ec8eb0ef20c0d29c3b7fdaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 98A9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1V3HoIFsZejzCPGB1fAPxaKgoAHWpLzIdK2h5rD9EZzgwovBARABIJzvm3ZglfKLgpgHoAHOq4fUA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTcAU_QW-XYCDit8GGKN1A7StWfFaeKS9AgwXE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210753772156678325710%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%2...

0
0

79ms
50ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210753772156678325710%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228343046428642254513%22}&andc=true

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10753772156678325710","debug_reporting":true,"destination":"https://concept.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981587406"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"8343046428642254513"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 13:24:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 13:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10753772156678325710","debug_reporting":true,"destination":"https://concept.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981587406"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"8343046428642254513"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3816
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CwUjloIFsZe_LDJ6D5LcP_cmo-Afvvta6dOujquaCEsD0xtSRDhABIJzvm3ZglfKLgpgHoAG22KvJA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTbAU_QN73cXxLN_wkjhUCuai1jupJcufSN6LM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217720667005374315234%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%...

0
0

77ms
50ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217720667005374315234%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22959114294%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225116799260701375217%22}&andc=true

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17720667005374315234","debug_reporting":true,"destination":"https://samsung.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["959114294"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5116799260701375217"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 13:24:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 13:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17720667005374315234","debug_reporting":true,"destination":"https://samsung.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["959114294"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5116799260701375217"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame A2A6 9 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Sun, 17 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FAEF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a308237b03dd478974d3defdd2b0771d4c52b723b89a5eaa60d9e772a9f7967f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame D367 51 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 101ms
47ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 13:24:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D86 51 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 101ms
48ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 13:24:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A2A6 4 KB
744 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 12:54:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A2A6 205 B
520 B 15ms
14ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:42:43 GMT
x-content-type-options: nosniff
age: 168125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Nov 2024 14:42:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A2A6 604 B
697 B 15ms
14ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:48:04 GMT
x-content-type-options: nosniff
age: 333404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 16:48:04 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame A2A6 16 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 23:01:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame A2A6 22 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:37:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FAEF 15 KB
16 KB 48ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 85659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FAEF 15 KB
16 KB 51ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 161127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FAEF 15 KB
15 KB 60ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:38 GMT
x-content-type-options: nosniff
age: 332050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:38 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame CEF2
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a09140f4-025c-4445-a6a1-97b7c02ed7b0&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=bc0c9223-bad2-430b...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6ab30abaa1194bab9285cd39f15330c1&SNR=1&GV=2&med=10

0
545 B

53ms
52ms

Image
text/plain

2a02:26f0:3500:1b::1724:a38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6ab30abaa1194bab9285cd39f15330c1&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41672E62D005466EBD2695F70204D4B1 Ref B: FRAEDGE1420 Ref C: 2023-12-03T13:24:49Z
x-cdn-traceid: 0.8aa12417.1701609889.205a2014
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 03 Dec 2023 13:24:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BACEC65DF53543C58EB0A59EB36C3A60 Ref B: FRAEDGE1116 Ref C: 2023-12-03T13:24:48Z
x-cdn-traceid: 0.8aa12417.1701609888.205a1ec0
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6ab30abaa1194bab9285cd39f15330c1&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame CEF2 91 KB
36 KB 78ms
15ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 03 Dec 2023 13:24:49 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231203T132449Z-4xh4g0dh5146p4h1c7exyvwthw00000012mg00000000w1sq
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 551ad05e-d01e-00ca-4f09-14e0ef000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame CEF2 80 KB
28 KB 39ms
7ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Sun, 03 Dec 2023 13:24:48 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1552668
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230078-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1701609889.989813,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 1932380

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CEF2 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CEF2 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEF2 202 KB
64 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FAEF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CR01foIFsZejzDIilkwPhzqiACPeY4rB06NDyjd8RjqzBpacmEAEgnO-bdmCV8ouCmAegAYSMmbwCyAEJqAMByAPLBKoE3gFP0ORLrXpgGrmGIxMcwU5kJru00BLVJDzoM9pf0o9gZrVq9ge...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212854422863640748960%22,%22debug_reporting%22:true,%22destination%22:%22https://tiktok.com%22,%22event_report_window%22:%2...

0
0

50ms
50ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212854422863640748960%22,%22debug_reporting%22:true,%22destination%22:%22https://tiktok.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663111172%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221623855534229011137%22}&andc=true

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12854422863640748960","debug_reporting":true,"destination":"https://tiktok.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663111172"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"1623855534229011137"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 13:24:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 13:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12854422863640748960","debug_reporting":true,"destination":"https://tiktok.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663111172"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"1623855534229011137"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ED5 51 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 11A4 14 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 13:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 12:02:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 13:24:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 11A4 2 KB
822 B 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:24:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 11A4 24 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:23:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2866 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1227
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 11A4 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 19:59:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 11A4 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:31:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11A4 202 KB
64 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:24:49 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 11A4 37 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 49ms
48ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 13:24:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 th
www.bing.com/ Frame CEF2 9 KB
10 KB 19ms
19ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215950520173_18V918LQ9PRBP75PVL&pid=21.2&c=17&roil=0&roit=0.2383&roir=1&roib=0.7617&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 13d3d2e35c0ec66e2ae31e4345775ae819197010911befe1aa29269c3990985e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.8aa12417.1701609889.205a2060
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9668
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame CEF2 0
535 B 54ms
14ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize&e=wqT_3QL-A-j-AQAAAwDWAAUBCKCDsqsGEObD772J3PvfBhgAKjYJf244RVPC2j8R8du0c7IV2j8ZAAAAwMzM5D8h8Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8LCYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCKmh0dHBzOi8vYmlnaW1hZ2UuMTF6b24uY29tL2VuL2ltYWdlLXJlc2l6ZYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoB0liIBQGYBQCgBaj2uaD4u9X1HcAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFvfMp-gUEAVwokAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe99AXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=f01ccc8bd25a9127b1b1fcb6cea283150d5c9546&bdref=https%3A%2F%2Fbigimage.11zon.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fbigimage.11zon.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3063139446072328%26output%3Dhtml%26h%3D90%26slotname%3D2797767427%26adk%3D2257568635%26adf%3D2323279552%26pi%3Dt.ma~as.2797767427%26w%3D728%26lmt%3D1701609888%26format%3D728x90%26url%3Dhttps%253A%252F%252Fbigimage.11zon.com%252Fen%252Fimage-resize%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701609887828%26bpp%3D1%26bdt%3D177%26idt%3D272%26shv%3Dr20231129%26mjsv%3Dm202311150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D3225448428571%26frm%3D20%26pv%3D1%26ga_vid%3D1930751989.1701609888%26ga_sid%3D1701609888%26ga_hid%3D448540796%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D348%26ady%3D132%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079437%252C42532523%252C44809315%252C31078297%252C44807406%252C44807763%252C44808148%252C44808285%252C44809072%26oid%3D2%26pvsid%3D3383398827450859%26tmod%3D1260747065%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D276&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
an-x-request-uuid: 3c857dc0-ede0-481e-a7cb-ed537d180b2a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2866
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
36ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:49 GMT
expires: Sun, 03 Dec 2023 13:24:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame A39D 51 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: bigimage.11zon.com
URL: https://bigimage.11zon.com/en/image-resize/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
DATA 200
OK truncated
/ Frame CEF2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 410f07135bb50f949e9c25dbb2b151939711731039d31909bcf000825c02820e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CEF2 0
558 B 14ms
13ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize&e=wqT_3QKaB-iaAwAAAwDWAAUBCKCDsqsGEObD772J3PvfBhgAKjYJf244RVPC2j8R8du0c7IV2j8ZAAAAwMzM5D8h8Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8H2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIqaHR0cHM6Ly9iaWdpbWFnZS4xMXpvbi5jb20vZW4vaW1hZ2UtcmVzaXplgAMAiAMBkAMAmAMJoAMBqgOZAwqwAmh0dHBzOi8vd3d3LmJpbmcFOvB5YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YmMwYzkyMjMtYmFkMi00MzBiLTljYTktNmQ1Y2ZhNWMwYjM0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnwQGVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI0ODYzNjk5MzMxNjUwNjA1ODIiCTM4MTg0NjcxNCoEIUzw3jo4VTJWaGNtTm9RV1FqTnpJek5qRTVNelV6TnpRMk56Z2pNak15TkRFMk1UUXlNekE1TmpJM01RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFqPa5oPi71fUdwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB730BdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=c60071fac93dd8270805f67847d60ac08bdfd7ed&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=3481262491777627895&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
an-x-request-uuid: ea16d844-bc23-4da0-bf15-ad86aadf0fd0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CEF2 0
19 B 59ms
59ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNpvwoIFsZfiaCN3V1fAP9piFkAXS4Nfgbo-ktpOTCsCNtwEQASAAYJWKiY6wB4IBF2NhLXB1Yi0zMDYzMTM5NDQ2MDcyMzI4yAEJqAMByAMCqgTRAU_QYYMDp40BEAwuTt6gu_W4ga8gvQge1Fb69CixgNj8iCYRlftBSbwccotGxHcyzyaoGmDCPV-bC0cmYPsjySoF-w8W9veIV4K-h5r4QSm-tva-qMsMY6Zj2RWq_fgQuXDs_A92C4wo3FKR25Bd3LCb0OrsRos2a-gWB8agInJD_7xgBSz2sVljo_E2ooo2is0geWTLZdiYeFFjP4FVDpTFv03ieRIcvkusnyDFGMSPlMd-vcV3L5N0uzw2oIcTC0TawL9k5l92agKDbDpmcQf9gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNnOtueu84IDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMwNjMxMzk0NDYwNzIzMjgYAA&sigh=MVFEUkqrkB8&uach_m=%5BUACH%5D&cid=CAQSGwDICaaNmOGgP3l7Vg_ohQHxfZ2Dc7_Aqx2nJRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3063139446072328&output=html&h=90&slotname=2797767427&adk=2257568635&adf=2323279552&pi=t.ma~as.2797767427&w=728&lmt=1701609888&format=728x90&url=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701609887828&bpp=1&bdt=177&idt=272&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3225448428571&frm=20&pv=1&ga_vid=1930751989.1701609888&ga_sid=1701609888&ga_hid=448540796&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C42532523%2C44809315%2C31078297%2C44807406%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=3383398827450859&tmod=1260747065&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame CEF2 0
534 B 14ms
14ms Image
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize&e=wqT_3QKaB-iaAwAAAwDWAAUBCKCDsqsGEObD772J3PvfBhgAKjYJf244RVPC2j8R8du0c7IV2j8ZAAAAwMzM5D8h8Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8H2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIqaHR0cHM6Ly9iaWdpbWFnZS4xMXpvbi5jb20vZW4vaW1hZ2UtcmVzaXplgAMAiAMBkAMAmAMJoAMBqgOZAwqwAmh0dHBzOi8vd3d3LmJpbmcFOvB5YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YmMwYzkyMjMtYmFkMi00MzBiLTljYTktNmQ1Y2ZhNWMwYjM0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnwQGVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI0ODYzNjk5MzMxNjUwNjA1ODIiCTM4MTg0NjcxNCoEIUzw3jo4VTJWaGNtTm9RV1FqTnpJek5qRTVNelV6TnpRMk56Z2pNak15TkRFMk1UUXlNekE1TmpJM01RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFqPa5oPi71fUdwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB730BdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=c60071fac93dd8270805f67847d60ac08bdfd7ed&pp=ZWyBoAACDXgIFWrdAAFMdn1Tpgft9d0fJb_TVw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBx0joIFsZfiaCN3V1fAP9piFkAXS4Nfgbo-ktpOTCsCNtwEQASAAYJWKiY6wB4IBF2NhLXB1Yi0zMDYzMTM5NDQ2MDcyMzI4yAEJqAMByAMCqgTUAU_QYYMDp40BEAwuTt6gu_W4ga8gvQge1Fb69CixgNj8iCYRlftBSbwccotGxHcyzyaoGmDCPV-bC0cmYPsjySoF-w8W9veIV4K-h5r4QSm-tva-qMsMY6Zj2RWq_fgQuXDs_A92C4wo3FKR25Bd3LCb0OrsRos2a-gWB8agInJD_7xgBSz2sVljo_E2ooo2is0geWTLZdiYeFFjP4FVDpTFv03ieRIcvkusn2LHOVZNMD0TKT8Dmg0tP4oyg42XAmrCGR3iv9vK6iivdPrnk2pp_BV-gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNnOtueu84ID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3xXTxAdkyTI5Ab0VmLwnaJn-jHJA%26client%3Dca-pub-3063139446072328%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
an-x-request-uuid: b52da1bd-779f-48e9-a3d0-f178e403be2d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
61ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0db2a9bc764d74ed5af29daaaf20ea61d1043590e7f6a7a66005bcb595dcba9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 13:24:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C3F 13 KB
5 KB 26ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 53594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 22:31:35 GMT
expires: Sun, 01 Dec 2024 22:31:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF87 829 B
560 B 27ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ec61c022b4edb376ce7963f2646ad649f0b0955feabc6ed15a8e0dbeffd3b96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uwjaxcL2hPR99dBR2vu6KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigimage.11zon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uwjaxcL2hPR99dBR2vu6KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 13:24:49 GMT
expires: Sun, 03 Dec 2023 13:24:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C3F 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF87 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3383398827450859&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C3F 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hrDhQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 13:24:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98A9 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjYbNaK-SMdLNp6N3cv29mRSdkDEAbkLnim-U2U0e0iJm-l-yrr01tUzd9jF5YkJC6HOWoyNuUH-FbyPQoAK43u8Bz5__iL7sD04giC41tY-tEIpxSxJdjCw4JO07jQu4kWRRJQUqlrCa3&sai=AMfl-YRf4BepGUQclDSnGloIwSq7qAUJ1ZCoLAOH3jfBZXLXpAZ2LowkxPaPr7XqnmRg3_lynm4hQ2xfKyBnreZCYILS67BaAPM&sig=Cg0ArKJSzATJSigyA2AGEAE&cid=CAQSGwDICaaNiFv5w3XVUNlLtalVr7BdNqZbcxdflBgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=574191690&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701609888117&rpt=645&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3816 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubGewvt_WVCCp0r-_Jryfs71qPV_Amc7r9rozXROC8msUIPxKEBKMjI4xzFU1ZCMiPRgZq_6BSet9aEA-gLAYEC4_OC1dXB0DPcIA8swjiSFASaANjJkgp_TYoX_AKB9a-XSQ09E-eloTK&sai=AMfl-YQQMaGUzfaQVJc9-mgukrxwgvY7ebykInGGmcVv9EY1GMpMEKZ5g4kZiP_x7gU2wVKKrvlgS75rLZiU88y5T73ud6JrmG8&sig=Cg0ArKJSzBFd6_5fL4zyEAE&cid=CAQSGwDICaaNjfLBKM6FS6FdQ366OgdS3Fvt65OEURgB&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2603456720&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701609888109&rpt=663&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAEF 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsto3UAU2eFbknA68s-f5kW1Ko939D-VcovFu8D8wqWbeqpX1k5aadUd_THd2gAHhfB97rxwd1GtHvZql55wUm0ZqXb_cxKlvvfs1biaKBTrWCOQZB1nTupsrwURLHRCoBx7d1Sij0vbvlna&sai=AMfl-YTzJgv3RLoAt-N5vqogTBEszF62F8kLiR_NsGvG07tP-K95D3on3SMQJFfzIi6ahcqJDp1rY2T0b0Lg971vaoz4iU6u8tE&sig=Cg0ArKJSzOjgPXYAji8aEAE&cid=CAQSGwDICaaNsVn_v45Ot8jFbq7N-Hx9_tk4GjGbEhgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3092737744&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701609888113&rpt=840&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame CEF2
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a09140f4-025c-4445-a6a1-97b7c02ed7b0&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=bc0c9223-bad2-430b...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6ab30abaa1194bab9285cd39f15330c1&tids=15000&med=10

0
18 B

68ms
68ms

Image
text/plain

2a02:26f0:3500:1b::1724:a38a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6ab30abaa1194bab9285cd39f15330c1&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a38a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DDB92FDA0D0E46C38F774A606F47268D Ref B: FRAEDGE2010 Ref C: 2023-12-03T13:24:50Z
x-cdn-traceid: 0.8aa12417.1701609890.205a3121
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 03 Dec 2023 13:24:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E02CB49B28EF45C4805063BC732A4ACA Ref B: FRAEDGE1916 Ref C: 2023-12-03T13:24:50Z
x-cdn-traceid: 0.8aa12417.1701609890.205a305c
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6ab30abaa1194bab9285cd39f15330c1&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3383398827450859&bg=!jY6ljsHNAAY3kmNgF5I7ADQBe5WfOLOD3wfV__hWqJZjrNeLuQsryR-suFIc9JDgxI5By5oZYUEmGDhsWNQP37uvgDXwAgAAADlSAAAAAmgBBwoAxVQ6GHXc98iQwxbah9liROwFd8jsKoVuDr1yeJmub_VWjr8tiVVDdjlzIzrgXYtIyTfScwSV5hXRMKr9_OVliHCEsdIFqFUR5ClPAaF8uhIQWnVHUTByCc3WKcbmHMWI7BIHLD0DMMsarr3cR8FNhgmQJfpnaHi63fnLm6K_H9QyE2bXTwyPxAzEAH5eCzL9swHXBV9S2pYICjQkSRbUdqucOVeMWZEL7X-1vOiiulvnvP5EgWMV38cxBWx6P5gZApl2PoJzmQLCNQ6ZPF44pZfeYVdN17dazJWCljYzI8ZUj0pb7-nQEAxwndpZPZClVI9lthG1pxcIomkwNYSNc5QFiGGNJLjFvsCTQOKE9cM-rLQpKW5TsaV8PhAaYlLl_gwQD6dwbcd5KzgiBEgHLWWOWI-W-cFXaJyloNgPAKcPLh3XZ_17BePfsFMA-zgZHuNk7KOd1egfIbH61s8V0GoTRWu00xTm6vs-xqEZZAQIbx2RnFRJd9VGK3DnnCo6VbaWCUH87OQCTcZ7Mq6RXoQPd68URhyTEduz8WJrqeccdrnXKX80PSlNucpdEbI-o0e_T6pzl-VDHLGFqctzbh787h9QVNfWl-H5l49lVil64MB9bCHg-OghYNv_23ST8NvWsd9km6xmRgG6eqn7-Gjl6Di7PJ0M9TIwhpSidNLEvonlpDmVbGcgxbWAJ7-_0KyBzrV2rgQufSPAC89q6OnMDxTlK0RtT1_Gyjluh6tHnb_JDfv81mxvNrtEk1Dufjty2PLhozKsHd6Du7QZ60lPWkA_OkNEUs8Rvhl-KfHNzUqLboyXVEmddLeOEjsD-k-EZD52a4ZmOfmi42Qbe8Ruwll1H9vyaD94zv6hc5wc1CoOgIYcl4TSN2avXjGGg8XD10Uz9X-B7ZmOLhMW5wYd7YXobtKw3HnYIiK_pL5IdcuVuN0jnqDcaNAAQIEpjaBcU8C-Lo-ZcyUSXnH8SpwNUiftILjvOyErp-KoSYJhxrAsXi3MpeKnbQ5nH84iSBEHw6xdTkEKuqnu9GsIdWRkZDiXEhA2FzvmKRfH-a8CrerngprGGFAcdHk3CzIbklAM9ZtKU77ViGh2E8HWRdKglgcejXQTOcFD2cE6B_UkRBy1jQrSKB6O2h5M-m3ccP4SPMctf99nROfa13zSwQR1ljMWTuRitbJzUN4fZQAoLKVlGNvP3SocMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bigimage.11zon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CEF2 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudhYqQuqdbiDTuQz4Jz2igKJrsPggIVmzC1pXQ9_A0o3CMhsnsPhg2bDeSgXRJrfhwwW1yXRZr9_fEpfzk_skGvLUsA5P-20JRWQJJvux4B2zbQ4ioFA&sig=Cg0ArKJSzB5UrNgaGpWXEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2257568635&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701609888105&rpt=1141&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 13:24:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CEF2 0
558 B 14ms
14ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fbigimage.11zon.com%2Fen%2Fimage-resize&e=wqT_3QKaB-iaAwAAAwDWAAUBCKCDsqsGEObD772J3PvfBhgAKjYJf244RVPC2j8R8du0c7IV2j8ZAAAAwMzM5D8h8Q0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4vfQFgAEBigEDVVNEkgUG8H2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIqaHR0cHM6Ly9iaWdpbWFnZS4xMXpvbi5jb20vZW4vaW1hZ2UtcmVzaXplgAMAiAMBkAMAmAMJoAMBqgOZAwqwAmh0dHBzOi8vd3d3LmJpbmcFOvB5YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YmMwYzkyMjMtYmFkMi00MzBiLTljYTktNmQ1Y2ZhNWMwYjM0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnwQGVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI0ODYzNjk5MzMxNjUwNjA1ODIiCTM4MTg0NjcxNCoEIUzw3jo4VTJWaGNtTm9RV1FqTnpJek5qRTVNelV6TnpRMk56Z2pNak15TkRFMk1UUXlNekE1TmpJM01RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFqPa5oPi71fUdwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB730BdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=c60071fac93dd8270805f67847d60ac08bdfd7ed&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=3481262491777627895&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS