sazi.online Open in urlscan Pro
2606:4700:3037::6815:3064 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sazi.online/
Effective URL:
https://sazi.online/
Submission: On September 15 via api (September 15th 2023, 6:20:16 pm UTC) from US — Scanned from DE

Summary HTTP 200 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 26 domains to perform 200 HTTP transactions. The main IP is 2606:4700:3037::6815:3064, located in United States and belongs to CLOUDFLARENET, US. The main domain is sazi.online.
TLS certificate: Issued by GTS CA 1P5 on August 13th 2023. Valid for: 3 months.

This is the only time sazi.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:b7ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:303... 2606:4700:3037::6815:3064	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1a0... 2400:52e0:1a01::996:1	200325 (BUNNYCDN) (BUNNYCDN)
8	212.124.124.115 212.124.124.115	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	103.171.93.27 103.171.93.27	135990 (EVG-AS-VN...) (EVG-AS-VN Everest Global Joint Stock Company)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
10	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	64.233.167.155 64.233.167.155	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:d::6	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.49.226.99 52.49.226.99	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:cca0:8b97:e855:348c	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21f... 2600:9000:21f3:3200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7781:67c5:1d20:e11a:882a	() ()
200	34

1 2606:4700:3032::ac43:b7ca (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sazi.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3037::6815:3064 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sazi.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1a01::996:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.124.124.115 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., VG)

aj1559.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.171.93.27 (Viet Nam)

ASN135990 (EVG-AS-VN Everest Global Joint Stock Company, VN)

server.zmedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5edn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.39.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.226.99 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-226-99.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:cca0:8b97:e855:348c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7781:67c5:1d20:e11a:882a (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152 ade.googlesyndication.com — Cisco Umbrella Rank: 329	469 KB
32	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 bid.g.doubleclick.net — Cisco Umbrella Rank: 949 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	152 KB
29	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	771 KB
19	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1293 r1---sn-4g5edn6k.c.2mdn.net — Cisco Umbrella Rank: 430843 s0.2mdn.net — Cisco Umbrella Rank: 331	124 KB
17	sazi.online 2 redirects sazi.online	148 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 958 static.adsafeprotected.com — Cisco Umbrella Rank: 635 dt.adsafeprotected.com	102 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	42 KB
8	aj1559.online aj1559.online — Cisco Umbrella Rank: 57172	81 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2787	30 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	265 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	395 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 268	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 670	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2322	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 980 s.tribalfusion.com — Cisco Umbrella Rank: 2310	1 KB
2	zmedia.vn server.zmedia.vn — Cisco Umbrella Rank: 69531	6 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 11844	2 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 710	574 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8166	623 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478	714 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 943	716 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 928	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183	603 B
1	google.de www.google.de — Cisco Umbrella Rank: 5677	408 B
200	26

	Domain	Requested by
33	pagead2.googlesyndication.com	aj1559.online pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com server.zmedia.vn www.googletagservices.com
17	sazi.online	2 redirects sazi.online
15	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com sazi.online
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
15	fonts.gstatic.com	fonts.googleapis.com www.google.com
13	s0.2mdn.net	sazi.online s0.2mdn.net googleads.g.doubleclick.net
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
10	csi.gstatic.com	imasdk.googleapis.com
8	aj1559.online	sazi.online aj1559.online
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com server.zmedia.vn
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	sazi.online www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagmanager.com	sazi.online www.googletagmanager.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	sazi.online
4	r1---sn-4g5edn6k.c.2mdn.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	fonts.googleapis.com	sazi.online googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	fw.adsafeprotected.com	1 redirects sazi.online
2	ade.googlesyndication.com
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	server.zmedia.vn	aj1559.online
2	region1.google-analytics.com	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	plausible.io	sazi.online plausible.io
1	tags.bluekai.com	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	sazi.online
1	stats.g.doubleclick.net	www.googletagmanager.com
200	42

This site contains no links.

Subject Issuer	Validity	Valid
sazi.online GTS CA 1P5	`2023-08-13` - `2023-11-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
plausible.io R3	`2023-08-03` - `2023-11-01`	3 months	crt.sh
aj1559.online R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
server.zmedia.vn R3	`2023-07-17` - `2023-10-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-29` - `2023-11-07`	2 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://sazi.online/
Frame ID: 214AADA821652CEFFC91C4AE962AE365
Requests: 65 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsbMUlAAAAAFswz6m-Wag8MDNnx1xn-TCn364a&co=aHR0cHM6Ly9zYXppLm9ubGluZTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=p0zleqg359kv
Frame ID: 7E8F45637470FE33660BDEA9DA65827E
Requests: 7 HTTP requests in this frame

Frame: https://sazi.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: ECB4B93B3ACFD1950824942F13DDA187
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: 8D7A95B38C6F1B4FA1A0DD7C4589B28A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1694794806&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsazi.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008506&bpp=10&bdt=1512&idt=392&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2469268713378&frm=20&pv=2&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=429
Frame ID: 352A8BE24DBB1200F64F74EBC2A063CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432
Frame ID: F97766A23F65599412B4AA924C3925F1
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430
Frame ID: 665E67E0C2CE3DF3811DE6FC54843D44
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBA4F43CC6B09E46EE2A65C9F31C8C77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3279D40513297926B07912DF230F32E3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2B3413B26B7A7564C9AE3E1163EB7C15
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 720495D48E290EF673D8997F6AA4547C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Frame ID: A72599EC160FF7D2E0DABBE81C99DE34
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKX79PUBMAE&v=APEucNUM1GON-jnbDCwvE71V-s2NBfEfGnLwDmMZ8qryYSMR4YMo-sZvcbHNuhT6Eak6ZaLBT8KcKF3h5506-IocKieYVJYNfhs56eZ62nj-P8UIanJFR6vx5ekoKkakVPBaPhfVMRV6hOrHqJWQOQjbE5UbHjH98FpdLnLT3lICe1uAn9oD8SE
Frame ID: EBE83DF288BE7F10265A5E49B386E5AF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60B93CD79169EDCD7B640AF06274730F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CDAF032A131129128336D78461144D2A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
Frame ID: 06E6255BEAB4CADB2E57588246A10248
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FDBAD05BA90445B847293B2E5A457930
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sazi.Online

Page URL History Show full URLs

http://sazi.online/ HTTP 301
https://sazi.online/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

200
Requests

93 %
HTTPS

67 %
IPv6

26
Domains

42
Subdomains

34
IPs

8
Countries

2659 kB
Transfer

13895 kB
Size

39
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sazi.online/ HTTP 301
https://sazi.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://sazi.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://sazi.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

Request Chain 102

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B2B6E3E2811A89E121937D178A1B8B6EE2F41464.8A9E12B54FD7DBB49EAB33D24980CF0602D728A6/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2176606E2556B9674E9D56320F433D92A087875C.3984EB6BE8B08BC0D2D50FF7E8A05B1729465EB6/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4

Request Chain 106

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B3E5AE4E77CA065AB531ADB8759F00C299EBA29B.2B8C458288C280DC4F41710B108E4FBB78B1E33E/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51DCAF6582126ED288C2515C627F77ED9064C2F6.744A6EE672422FADE67D57B993230E7E08972C02/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1&C=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSgXG439z1x5u8jszBAKQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELw9oYGPeuFbCiZZUgJQN2Q&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw9oYGPeuFbCiZZUgJQN2Q%26google_cver%3D1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzQ5NTg0NDQxMjEyNDQxMA%3D%3D

Request Chain 166

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO9GWs-0QCVp6n6iFoKATJw&google_cver=1&google_push=AXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO9GWs-0QCVp6n6iFoKATJw&google_cver=1&google_push=AXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 167

https://um.simpli.fi/gp_match?google_gid=CAESELkt_Poss-s0ooL-BDyP1iY&google_cver=1&google_push=AXcoOmQJzctFtSndKcTrSSBXernDoWFKc-26CdzRCn0Lj8oDZLjzVIYQCmIZwY8Qqboiz-gCQUArjlXOd2cMdoYveBkzvLLpYLKtqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F548ADE7ACBC4100B3B9708B9744FA41&google_push=AXcoOmQJzctFtSndKcTrSSBXernDoWFKc-26CdzRCn0Lj8oDZLjzVIYQCmIZwY8Qqboiz-gCQUArjlXOd2cMdoYveBkzvLLpYLKtqQ

Request Chain 168

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQgjf6FHeP-0-SToAMZ2kKYNUlhpT5D2TX3Cs1MT_WQVWwQh5k4JguMLBwzIQxdjUqufeKefPenWeGh_3dNQxYRux5nJ79VPNI&google_gid=CAESEGjZEFfyrse29ptHbq1lNYg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQgjf6FHeP-0-SToAMZ2kKYNUlhpT5D2TX3Cs1MT_WQVWwQh5k4JguMLBwzIQxdjUqufeKefPenWeGh_3dNQxYRux5nJ79VPNI&google_gid=CAESEGjZEFfyrse29ptHbq1lNYg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA5MTUxODIwMTMwMDAxMDYyNzcxMDY0MQ%3D%3D&google_push=AXcoOmQgjf6FHeP-0-SToAMZ2kKYNUlhpT5D2TX3Cs1MT_WQVWwQh5k4JguMLBwzIQxdjUqufeKefPenWeGh_3dNQxYRux5nJ79VPNI

Request Chain 169

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIEzGNGAJeUZ3dUIK_QwtHA&google_cver=1&google_push=AXcoOmTmoif7WHDy9j3vTH5fkYdLIfXCOgPqDR11MQUo3OYLB5Tl24gkepXi8EgHcCtOFbmlSPiRzi2akp6Iia51PzFwHQyoxRCLOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmoif7WHDy9j3vTH5fkYdLIfXCOgPqDR11MQUo3OYLB5Tl24gkepXi8EgHcCtOFbmlSPiRzi2akp6Iia51PzFwHQyoxRCLOQ&google_hm=eS1ZbmE3N3haRTJwRnR6RzBUaEpQdF9JcFB3X3hhd3NXQn5B

Request Chain 170

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOfoWRP6BFGrXGzpEo_jjLY&google_cver=1&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AAnFbdw9M_4RY7Xh8aCChsQo4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOfoWRP6BFGrXGzpEo_jjLY&google_cver=1&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AAnFbdw9M_4RY7Xh8aCChsQo4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTk0MjY2NzQwNDIwMDkx&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AAnFbdw9M_4RY7Xh8aCChsQo4

Request Chain 171

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEX_IMai6oG38uDfrnAwRbA&google_cver=1&google_push=AXcoOmRvZ1gbLqTBdZzz2H-VAm0kjvVURy4uw8U7JH_d4MtW_gsgl_0j0cNaHzjsVS-YnRmUzF7Ra8vCSSoSkBiV7AIrpj5oNBXzqJEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRvZ1gbLqTBdZzz2H-VAm0kjvVURy4uw8U7JH_d4MtW_gsgl_0j0cNaHzjsVS-YnRmUzF7Ra8vCSSoSkBiV7AIrpj5oNBXzqJEZ&google_hm=IgleCGzhSiKd3wpLxYmr_GQ

Request Chain 191

https://fw.adsafeprotected.com/rfw/st/1653353/74212597/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014092394&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20544378887&bidurl=https://sazi.online/&ias_dealId=&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iM571-lH9Z4SSfgkr7Lz2b&adsafe_url=https%3A%2F%2Fsazi.online&adsafe_type=y&adsafe_url=https%3A%2F%2Fsazi.online%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3619133031508264%26output%3Dhtml%26h%3D250%26slotname%3D6364869509%26adk%3D164948202%26adf%3D299928974%26pi%3Dt.ma~as.6364869509%26w%3D300%26lmt%3D1694794806%26format%3D300x250%26url%3Dhttps%253A%252F%252Fsazi.online%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1694802011931%26bpp%3D1%26bdt%3D4936%26idt%3D2%26shv%3Dr20230913%26mjsv%3Dm202309120101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dc05cbdbeda9ad33f-22cca89e72de00ff%253AT%253D1694802009%253ART%253D1694802009%253AS%253DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg%26gpic%3DUID%253D00000d9337315ec5%253AT%253D1694802009%253ART%253D1694802009%253AS%253DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw%26prev_fmts%3D0x0%252C980x280%252C620x280%26nras%3D2%26correlator%3D2469268713378%26frm%3D20%26pv%3D1%26ga_vid%3D211662011.1694802007%26ga_sid%3D1694802009%26ga_hid%3D1263498494%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1300%26ady%3D944%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44795922%252C44800659%252C31077705%26oid%3D2%26psts%3DAOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%252CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV%26pvsid%3D3469188166586444%26tmod%3D482352261%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfoeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3Deav9meEzQL%26p%3Dhttps%253A%2F%2Fsazi.online%26dtd%3D6&adsafe_type=d&adsafe_jsinfo=,id:bc8411a4-651b-e233-f79e-7b72d824a091,c:ojrarL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-66d749fdb4-dwr6w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:371,mot:0,app:0,maw:0,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:389,oid:82ee60e0-53f4-11ee-9e4f-f2dcd5ffa1e0,v:19.8.439,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=

200 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sazi.online/
Redirect Chain

http://sazi.online/
https://sazi.online/

148 KB
45 KB

480ms
395ms

Document
text/html

2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

20a20052455646787437b807cf2047d982c1083bfc69dca08798fdc18bd5175a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 8072e1bd5ae1929f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 18:20:06 GMT
last-modified: Fri, 15 Sep 2023 18:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1SI1reFq8GxYCSy4BCybzy5BxDa4xYS%2BR95GX2iEWRLqRxtY28CTJ%2FtRHQxJKQX7k1f61qOtcBmSdlu05MBG42MIcj15kSB5VvpTAi%2B2Vvxycs5Hf%2FSC9SBTbd6C77LQsc%2F9fGiJiJOzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: DLEMP
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 8072e1bc7da01e50-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 15 Sep 2023 18:20:06 GMT
Expires: Fri, 15 Sep 2023 19:20:06 GMT
Location: https://sazi.online/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To43A5WnR0GiNyAMfTv1S6A4qVu2XhbbxppigSoJ8zVIzmlsv%2BUOUwmud6A2Y8u%2FTSfxlg%2BXQ7r9xsqRJrKLLuJ3xuhhVs2%2FaJSGL8YQoKIFQ5ZYl%2B4rS9CD4szU0MlYTYDGRfxdwnUKfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
sazi.online/wp-includes/css/dist/block-library/ 102 KB
14 KB 51ms
50ms Stylesheet
text/css 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-includes/css/dist/block-library/style.min.css?ver=c6d4f54ff5f7e221a70cdd46daa396b3

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102390
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Sep 2023 10:38:49 GMT
server: cloudflare
etag: W/"6502e2b9-19824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyIeXDoYUAqOrrvZ0aTjIwPjTruSH7vf09FedP7SZMpk4%2BK0IUmTYLzSYZOPFS65%2B4aRSGGzC5F6PhYi8p5FPRkgE%2BM2XuyJHY%2FG6kP6oR8DwNix40D0VO7HC3WZ%2B0EJbMWi43M2BFVX9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1bfdd83929f-FRA
expires: Sat, 14 Oct 2023 13:53:37 GMT

GET
H2 200 style.css
sazi.online/wp-content/themes/enjoymini-pro/ 64 KB
13 KB 49ms
48ms Stylesheet
text/css 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/style.css?ver=20221104

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

212f0cac0b66cca9a0a07c8e795245f967d651de5322f665e2d6a73ad477c0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102389
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-fea9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1N1Yz25vJjVF7zgcqL0TNteE9AAJnfMzN9O2u2rqLo06YAKBE8o9AG5eOg%2BHl%2B%2Be9MGW%2BpHZkjqsrOPa54B9%2B2c4RSkxErnsCMhKFtcz8fUWdQ5mbr04bkpV70mlpzjkhNxnJdMBIC9Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1bfdd85929f-FRA
expires: Sat, 14 Oct 2023 13:53:38 GMT

GET
H2 200 responsive.css
sazi.online/wp-content/themes/enjoymini-pro/ 8 KB
2 KB 52ms
50ms Stylesheet
text/css 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/responsive.css?ver=20221104

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

a486dd876605ca00e690046515d518bfb57dbe08d0da2b208ad860247f589dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102390
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-20fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EINlu7uR0BlceQWjud6jh6lsnKRt7DPmvJhDnzNkagj4SMMWGffJheDN00EqiSzqW4c5%2FlHPV0uubBf0eyDnLlM8ulNwcJ4TFg1pFfsl%2BEBP43LJS%2BCKocGLTN1yCwL8omg98IH6KZm4jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1bfdd88929f-FRA
expires: Sat, 14 Oct 2023 13:53:37 GMT

GET
H2 200 genericons.css
sazi.online/wp-content/themes/enjoymini-pro/genericons/ 154 B
411 B 55ms
53ms Stylesheet
text/css 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=c6d4f54ff5f7e221a70cdd46daa396b3

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102390
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BK0e4UK6c4VmQrEUbcSDwDqOwBYSo5dNdCOAF2qk%2FIFxLn5DFh9wLzkaVepWaH9cx5kjHzjXMsQnRs5nLEoLVeFNWctlxtY95%2FjQ1FRAY985kh0mcCON59ZcA9DnVDKyAoDrvQ5QjdJKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1bfdd89929f-FRA
expires: Sat, 14 Oct 2023 13:53:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

899cdd5ff53d9cad60fc77671c1221cb3c4ed757132ce4e18f2f51369606f117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:20:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 18:20:07 GMT

GET
H2 200 jquery.min.js Show response
sazi.online/wp-includes/js/jquery/ 85 KB
31 KB 52ms
51ms Script
application/javascript 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102390
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Sep 2023 10:38:49 GMT
server: cloudflare
etag: W/"6502e2b9-155ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKFup7nrF7QAaLbvtPRlXkG77z1yEjLvKwzbvxZGzEnwS99butUvLf42fNGXcGkKEuAJ%2B0yfPaqU%2Fx21dzVpuLYMKhbAZVjBt7yqm%2BLCTT9hx66T9hpQS0u5WF%2FaEUEUHUBROaYc2K8J9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1bfdd8a929f-FRA
expires: Sat, 14 Oct 2023 13:53:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
68 KB 144ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-189072159-18

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7978607c6e15cdea4877eb192ae5a9e606bda26d6a9fd62deefc74a1a7320d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68717
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 18:20:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 187ms
97ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6ef0ce51af02ff26f63c55b46c2707f15b6765b527b03e61c7e3ac9a36b4e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86629
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 18:20:07 GMT

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 591ms
177ms Script
application/javascript 2400:52e0:1a01::996:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::996:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-996 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 986
cdn-cachedat: 09/15/2023 13:04:33
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-LA1-996
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: 9a972a24f448bdbb854bea32ef41db02
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 234ms
144ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6X02JH402Y

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e123af706e543d1cf24e7b7972f27dbe8415d126ba8cba23f5746983a6246023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 18:20:07 GMT

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 780ms
234ms Script
text/javascript 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: sazi.online
URL: https://sazi.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 3351b7b8669bf282e512a86d1cfde14ec965039b868928e7800a8d6db7df0fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
accept-ranges: bytes
etag: "058cd48f3a40d08a17d1e1815e961ca79"
content-length: 37184
content-type: text/javascript

GET
H2 200 genericons.css
sazi.online/wp-content/themes/enjoymini-pro/genericons/genericons/ 28 KB
16 KB 49ms
48ms Stylesheet
text/css 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/genericons/genericons/genericons.css

Requested by

Host: sazi.online
URL: https://sazi.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=c6d4f54ff5f7e221a70cdd46daa396b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=c6d4f54ff5f7e221a70cdd46daa396b3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101837
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-6e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpq%2FWNV%2F%2BDgWQO3R2Pc2xX6nMj9FLRSej5nOvQMt%2Ba63LN7ZeNWbRZ6jsrfIhO1pUYdaHgn9NvTAfSxwbs%2F3g557mwIgGp5p2288qYVr4lRC1zAden8GP%2FXT%2FJDrl2Pdxk0eoSoaFLLeqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1c03dda929f-FRA
expires: Sat, 14 Oct 2023 14:02:49 GMT

GET
H3 200 superfish.js Show response
sazi.online/wp-content/themes/enjoymini-pro/assets/js/ 7 KB
3 KB 88ms
88ms Script
application/javascript 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/assets/js/superfish.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102329
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-1d7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsLFTsSI39khYFMth8cORrlVt82nh0JxV5hfc50qyf1FZFs%2FPTE%2Bw6RnlLgjzTZODQOHfsYl0bG7pBlNCZM7a2Em2mhUkAEyYzsR1Qms3zu4DyBdKV54ytKnB53UUPLdF0TKsO2xhDIuQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1c06e44900c-FRA
expires: Sat, 14 Oct 2023 13:54:38 GMT

GET
H3 200 html5.js Show response
sazi.online/wp-content/themes/enjoymini-pro/assets/js/ 10 KB
4 KB 49ms
49ms Script
application/javascript 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/assets/js/html5.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102329
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-285a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBNdw84EOLO%2FF3z6lfYHgOxQy8lKv3zLD8xE8TZ2IBAyaCsI9p1wMrYrUWpglDPmH2h%2FJ%2BjkRCOwL8yXlZabrAm%2BeRK6E1Z5mWaA8aB5duTeK3mvPdQSBSTyeSIsLnvZmL6BxwY67K44tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1c06e45900c-FRA
expires: Sat, 14 Oct 2023 13:54:38 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
sazi.online/wp-content/themes/enjoymini-pro/assets/js/ 16 KB
4 KB 90ms
89ms Script
application/javascript 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/assets/js/theia-sticky-sidebar.js?ver=c6d4f54ff5f7e221a70cdd46daa396b3

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

41f806a19a20885a156ceb760f01b4fddc9e037b0f94dbbdaf33c53077f5fc08

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102329
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-3fc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84YUDOtPPBarsBQIjesy9amy%2FnhPHWDA6ELv7y4j76RZmLJEHdI2KaIh%2BBAR83J6%2BIcsnvF%2FMwFKJqBJ0wELyPmsa7vpNuuVvDtCDcaEiEG7VgnVRZ%2BXoEsPhKdb%2B64A86un40xLWguXOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1c06e46900c-FRA
expires: Sat, 14 Oct 2023 13:54:38 GMT

GET
H3 200 index.js Show response
sazi.online/wp-content/themes/enjoymini-pro/assets/js/ 30 KB
8 KB 49ms
49ms Script
application/javascript 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/assets/js/index.js?ver=20221104

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

d7916c6132f0392c7510dde696b89d51cf0685306f6ffc51b6e9861aa8a72b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102329
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-77a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYI3Q7YodKPXrrGTxwG6jj0voRFd5%2BmCFEb7hpwhAGqZNjDYXmhM5%2BVVAG51PDcRadTYSeFeidpaAZHcX82U%2BdVHmpfwMTyLkQ2ofrfItZ%2B%2F4cidTxbUJDOw7ds2JqjevT6mOD%2FEnLkKZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1c06e47900c-FRA
expires: Sat, 14 Oct 2023 13:54:38 GMT

GET
H3 200 jquery.custom.js Show response
sazi.online/wp-content/themes/enjoymini-pro/assets/js/ 2 KB
1 KB 91ms
91ms Script
application/javascript 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-content/themes/enjoymini-pro/assets/js/jquery.custom.js?ver=20221104

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

efd365de63fcccafddd9d7117b168373eab0aaa4c5823de48df849e4936a1e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102329
x-powered-by: DLEMP
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Apr 2023 02:04:08 GMT
server: cloudflare
etag: W/"643a0618-8f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L7TPwUG4%2Bm5kB3S11dJsa1Mnsh62xIqOd13n86HBOIjsDrIudSTSlj9M1atb8iKC%2B3z6EkGSu8DsCsDQ2tRadirUiCT%2B8fpk9%2FtpeLlmaW5xmQGysfafcSmDWZICbVFTqZ53geysKuIqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8072e1c06e48900c-FRA
expires: Sat, 14 Oct 2023 13:54:38 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 143ms
51ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcsbMUlAAAAAFswz6m-Wag8MDNnx1xn-TCn364a

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb268d25119fb5f6e2727162ba9248809161ab2e4bd38b9be6998783df697573

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2023 18:20:07 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 131ms
43ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:27:54 GMT
x-content-type-options: nosniff
age: 85933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:27:54 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 255ms
167ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 07:36:26 GMT
x-content-type-options: nosniff
age: 38621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 07:36:26 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 20 KB
21 KB 255ms
177ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf9911eaa381e18fbd67241d47323ca848dfa1fe1fd0e1c02ba90e319809649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 46724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20904
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:31:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 05:21:23 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 19 KB
19 KB 239ms
161ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9d1c1b33a4f2c317f1519d34ff980b8fcc49330f368ca44e7e5f7974db772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:38:21 GMT
x-content-type-options: nosniff
age: 261706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19332
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:38:21 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qfVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 26 KB
26 KB 220ms
141ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qfVyvHpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77585e79dae352ac04c4746c5f6ba64f3b616e699f7045a73c84302962a602a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 07:50:03 GMT
x-content-type-options: nosniff
age: 297004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26704
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:09:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 07:50:03 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 17 KB
17 KB 232ms
154ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:31:26 GMT
x-content-type-options: nosniff
age: 85721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17600
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:31:26 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 78 KB
78 KB 176ms
99ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:40:07 GMT
x-content-type-options: nosniff
age: 85200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:40:07 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 22 KB
22 KB 269ms
194ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1pL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92c6cbc1d482cb917c2ccca6da263f9443600d3f4d595a96d924c1682ee9b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 20:21:54 GMT
x-content-type-options: nosniff
age: 79093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22480
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:25:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 20:21:54 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 27 KB
27 KB 205ms
129ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700%7CPT%20Serif:700,400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c3007b80d1197de7a0014c537d9d6fc4a5b77ed6e2797a10e180600647c4e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 22:33:25 GMT
x-content-type-options: nosniff
age: 71202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27284
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:47:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 22:33:25 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ 455 KB
184 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcsbMUlAAAAAFswz6m-Wag8MDNnx1xn-TCn364a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 11:35:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6X02JH402Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2137289b39631f8ef921a8753988405e659507b8ecb02a33df1ecac1dce0976b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 18:20:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 17:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 19:44:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2573f3f7854bf1486b629505ca6128352250e4dae42658985b79628227650151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 18:20:07 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 137ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PX3PZ6Q9RG&gtm=45je39d0&_p=1263498494&_gaz=1&cid=211662011.1694802007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694802007&sct=1&seg=0&dl=https%3A%2F%2Fsazi.online%2F&dt=Sazi.Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 152ms
48ms Ping
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PX3PZ6Q9RG&cid=211662011.1694802007&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 167ms
77ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PX3PZ6Q9RG&cid=211662011.1694802007&gtm=45je39d0&aip=1&z=518229682

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 136ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6X02JH402Y&gtm=45je39d0&_p=1263498494&cid=211662011.1694802007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1694802007&sct=1&seg=0&dl=https%3A%2F%2Fsazi.online%2F&dt=Sazi.Online&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6X02JH402Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7E8F 51 KB
28 KB 68ms
64ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsbMUlAAAAAFswz6m-Wag8MDNnx1xn-TCn364a&co=aHR0cHM6Ly9zYXppLm9ubGluZTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=p0zleqg359kv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a8c4445fb3fa2082d4f51928f28b4b6ecadb9ff56b7af244ccff2d2c84e6b2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9suei4V7ChtlzyVyKZdSag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28575
content-security-policy: script-src 'report-sample' 'nonce-9suei4V7ChtlzyVyKZdSag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 50ms
49ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1263498494&t=pageview&_s=1&dl=https%3A%2F%2Fsazi.online%2F&ul=en-us&de=UTF-8&dt=Sazi.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=644035598&gjid=1461904804&cid=211662011.1694802007&tid=UA-189072159-18&_gid=596744849.1694802008&_r=1&gtm=457e39d0&jsscut=1&z=791437102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sazi.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 7E8F 55 KB
24 KB 136ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsbMUlAAAAAFswz6m-Wag8MDNnx1xn-TCn364a&co=aHR0cHM6Ly9zYXppLm9ubGluZTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=p0zleqg359kv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 16:52:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 7E8F 455 KB
183 KB 157ms
59ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 11:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187512
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 11:35:53 GMT

POST
H2 202 event Show response
plausible.io/api/ 2 B
500 B 1052ms
377ms XHR
text/plain 2400:52e0:1a01::996:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::996:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-996 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://sazi.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
cdn-edgestorageid: 996
cdn-cachedat: 09/15/2023 18:20:08
cdn-pullzone: 682664
application: 10.0.0.3
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F4Ulcohe-ebxMHbJpZkF
server: BunnyCDN-LA1-996
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 8b5694fa5c1288dd17c77498e46d056f
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3

200

main.js Show response
sazi.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame ECB4
Redirect Chain

https://sazi.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://sazi.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

7 KB
4 KB

47ms
47ms

Script
application/javascript

2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57de4757a0debf6ea07a1b6aadb2bc1bd943861896dfb0855ca6b0b4ba29165e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFjoTRsNfqI627kwAALb5WCQMS%2B4eXDim%2Fdg48Bg7y0P4kZiNNC1rLkWLMnPHo99Nma2vrkZ1ch7xoWsV1UAB8fshZh1uMMQaE5neatTj1BJtuOgheKEIj1HWHnwDdw6AnZAiE0MJvPIJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8072e1c50b9e900c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 15 Sep 2023 18:20:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldZaEPNuHNqzjZ%2Bak3XMfD0ESaSEWUdYnXJwnAP5FvOh3R0aWd9NyQCvsKp%2Fj3RDaxlB3suHOYCXkvJRJJFxFw8VhoUEzVHN83B%2BmR9Hnlf6fT7G5iUoJSiAcBv9Y2ieN7VxcHevdNYZgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8072e1c4cb45900c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 8072e1bd5ae1929f Show response
sazi.online/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ECB4 0
586 B 82ms
65ms XHR
text/plain 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/cdn-cgi/challenge-platform/h/b/jsd/r/8072e1bd5ae1929f

Requested by

Host: sazi.online
URL: https://sazi.online/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tryVvecsRN736bUgWzVcB%2F1hNhtjeOlfPpYNf3kQdSlaC3i9gI3d2Kr32245r2m4yaIfEu9oAPgtFv8GVnMiVUAgU2Bj%2BQTCt82Tm0SjM2%2BrxGZxHAdTtvpM7x3JWz5dZowDi7cocPAmag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8072e1c63d15900c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7E8F 2 KB
2 KB 57ms
49ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:02:48 GMT
x-content-type-options: nosniff
age: 562640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 16 Sep 2023 06:02:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E8F 15 KB
15 KB 79ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 573725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E8F 15 KB
15 KB 78ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:51:22 GMT
x-content-type-options: nosniff
age: 563326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:51:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7E8F 102 B
134 B 80ms
71ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=uEf7E1417z6GNSkRx7AyL8K8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa619b53bd27f4d0595f858544068ecc8e1556610e8a36feee5eb550d3aec09c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsbMUlAAAAAFswz6m-Wag8MDNnx1xn-TCn364a&co=aHR0cHM6Ly9zYXppLm9ubGluZTo0NDM.&hl=de&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=p0zleqg359kv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2023 18:20:08 GMT

POST
H/1.1 200 z30gmtq5qTYi1TSGcSz85onxkKNpLV_VmQ4NKaEtXN9Y2Re9ikkXf4crxJrzj9fLziPVvkdSWKnDg9damHh0KIadPbIbGGU6k_FKy0WbbidoRDrQnwb63T1xCCrwWfl1MTFbGi8v7ZpiU-duSPt3yzha7WOlSBc7oKqRAYUEyJMKzgFYA-DCZX9kInchEkzX8uUAA... Show response
aj1559.online/ 1 KB
2 KB 122ms
119ms XHR
application/json 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/z30gmtq5qTYi1TSGcSz85onxkKNpLV_VmQ4NKaEtXN9Y2Re9ikkXf4crxJrzj9fLziPVvkdSWKnDg9damHh0KIadPbIbGGU6k_FKy0WbbidoRDrQnwb63T1xCCrwWfl1MTFbGi8v7ZpiU-duSPt3yzha7WOlSBc7oKqRAYUEyJMKzgFYA-DCZX9kInchEkzX8uUAAu5wNzBCiWCrNS63xlQTasx23WwdWf3UPT_NO6PmMfp4u55bn7stj3e_-54sk1X4J3vX4M0CStBSHfJpvWvf-THYGWKOuVztS1F1ZvNI-B6a33NnPPrW7AyBvGHg3P2F8YDAMNn4HI4y78CPZYnJT0vO89niG8old6q8d0yQYhWcz9MOrSs6KB1H5tbIPaSvHUPr5zi7mJae3clY6OOMrDVz5ARK4Nd3tWj4v_nW0jga9YoS_TU0hQ0lg8g?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: ecf4ed10bdd02d997835d62368a900bd08f394d4dc736a827c8ca7ebb18d0d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:07 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://sazi.online
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1250
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zHtgtI7AfR0CAgUXdb3vHPkHV1GSESQf5UkiWQI_T9GoCSQCTvO2fhNc7exMnhorueMOQnItEt0ZABfQ6uQ9LpP_4E8b-XI1m1p14piFl2tHejOmmpaRno0aJNM_kBV9UifyDTJdRjv825B2M9R8xY8yQoKMC-PpV5IBNCuu-cViZywZvtGCbXvznXYPZJrPqekjO... Show response
aj1559.online/ 2 KB
2 KB 239ms
119ms XHR
application/json 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zHtgtI7AfR0CAgUXdb3vHPkHV1GSESQf5UkiWQI_T9GoCSQCTvO2fhNc7exMnhorueMOQnItEt0ZABfQ6uQ9LpP_4E8b-XI1m1p14piFl2tHejOmmpaRno0aJNM_kBV9UifyDTJdRjv825B2M9R8xY8yQoKMC-PpV5IBNCuu-cViZywZvtGCbXvznXYPZJrPqekjOqMu8bGpNWXLwXUpUK4xrfyJR9om4IrutOZ2KbbUd3mw2DHzWMkCDI3MoN2Y8GuTPfdNPChnm15SNQWSDBWk58tYtiSNZhBu3BfZZhwMFG9fjmWPn7M3kpEnKTFJsCoiEyW-xkjlyar6Lk1uxfplfqd3VMRK0Yg-dUM35_osyMmrb6LiKaWpfq7_GTefCaALLlfOj5j8xWJDD8sJBu0s2C0qnzYm-XYZhV5X0hCOFpJTvlF2-TRh1Eh9j8g?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: ace443488186d8b776d6a9843c6f9b80ca18474cc2e2c821ef5f4ddd7ab3fb81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:08 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://sazi.online
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1675
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 186ms
91ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34abe783448328545727cdb92f8be1840992e31f95ac3b5161522c7a152ca37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50912
x-xss-protection: 0
server: cafe
etag: 16814783464553571823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 18:20:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 380 KB
129 KB 197ms
114ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=sazi.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5099a8e43b0f2546056b5ce3aa812b4c15809b98ccbacb90c25624b95d11d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131913
x-xss-protection: 0
server: cafe
etag: 5209978132756612705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 18:20:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 8D7A 10 KB
5 KB 135ms
42ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 21:00:01 GMT
etag: 8554266389219770021
expires: Thu, 28 Sep 2023 21:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 130ms
128ms Script
text/javascript 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 3351b7b8669bf282e512a86d1cfde14ec965039b868928e7800a8d6db7df0fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
accept-ranges: bytes
etag: "058cd48f3a40d08a17d1e1815e961ca79"
content-length: 37184
content-type: text/javascript

POST
H/1.1 200 z5DQG2IK9vuS9RarxshcenlH9pQKZKqB6WoEZwvSl81nn8h4GbN_h0g_fWaNPPO6CJ8bg0OtWnPv-BRVeBQjLgyqkIjTAcfYVpprIq3Q24xZV2sNDI-aMa1Rc4-j8ioxKlJkacwyBRwbpsUHGXfZo4F60DRMBeyRME_P9MxIZ2e0Z3auJX0hH_pQ06cp6CQQmlrw5... Show response
aj1559.online/ 2 KB
2 KB 198ms
197ms XHR
application/json 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/z5DQG2IK9vuS9RarxshcenlH9pQKZKqB6WoEZwvSl81nn8h4GbN_h0g_fWaNPPO6CJ8bg0OtWnPv-BRVeBQjLgyqkIjTAcfYVpprIq3Q24xZV2sNDI-aMa1Rc4-j8ioxKlJkacwyBRwbpsUHGXfZo4F60DRMBeyRME_P9MxIZ2e0Z3auJX0hH_pQ06cp6CQQmlrw5TQgEu50MWtQ0z49om4BskrcbkrpHH4U3VZWKkvialtTYP-eM0hBwLixA6QXjS6jy6-Fjok05PZFYd8t7Nt48euEGTqKHzTBMI3G1sZRNJAt5nyzGNFL2Vbz6GD2f2G8vgdTNx8vXiE5THZ4kWPpvqnr0VXnjQVDD8CcmPJcyUiiASG0W7_atvrGb6Wqf74xMngdb5ZiRyDne_g6WxlS-TFwOK20_dqfz4OLoLpvimHMaGYa-Skp0Fh1h9Q?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: d7465e0b0af835cfd022048ef505c83512b5882a1fd568fc7eac5190a43c97ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:08 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://sazi.online
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1901
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sazi.online-passback-balloon.min.js Show response
server.zmedia.vn/static/template-v2/passback_balloon/ 18 KB
6 KB 3238ms
218ms Script
application/javascript 103.171.93.27
EVG-AS-VN Everest...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template-v2/passback_balloon/sazi.online-passback-balloon.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.171.93.27 , Viet Nam, ASN135990 (EVG-AS-VN Everest Global Joint Stock Company, VN),
Reverse DNS
Software: Byte-nginx /
Resource Hash: d954fe33b0f989aa06f4bcc08e2b717e984cb15313c67caaf5a093d26fe72317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Fri, 15 Sep 2023 18:35:11 GMT
date: Fri, 15 Sep 2023 18:20:11 GMT
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 08:22:44 GMT
server: Byte-nginx
ef-country-code: DE
etag: W/"65041454-468d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET
H/1.1 200 zYJpGlzejhqw-nNDeWZc4tpUdkrpxJNEz1uUmb4pPCivZnfEPUbc9GihkE9znQuZObxcVN7a-A7mXDFtFVqLsljTkLgQ41plhkqNPJuapWqcD-75XN7f9ZuhtT24K1Yz_DyDTYffmFCqDfgUQW3u1Ly0OqfEcCAqa0S6Wemi7sFN_W8dTA4tzlurcESkKlGKLV6fD...
aj1559.online/ 49 B
512 B 120ms
119ms Image
image/gif 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zYJpGlzejhqw-nNDeWZc4tpUdkrpxJNEz1uUmb4pPCivZnfEPUbc9GihkE9znQuZObxcVN7a-A7mXDFtFVqLsljTkLgQ41plhkqNPJuapWqcD-75XN7f9ZuhtT24K1Yz_DyDTYffmFCqDfgUQW3u1Ly0OqfEcCAqa0S6Wemi7sFN_W8dTA4tzlurcESkKlGKLV6fDoJQHMc4Bm9KksxHQ-5uyQga2eGwKmHV-bPKj2F3sS5zJLrMjTZFGgunobJAQ0dE3EBq-dTMOu9HgihMFb2zTSmTrZHEllIVHDg0DhEpk8e5JfImX-wn9_DwpJMzXhw4r72OqpMXNBysiJLKBT7YKLppAS8Wuyp51p06dnT7YDUkeoqXiRfDYYI-2za-0AN7aHH1RcLFjfVHZ?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:08 GMT
last-modified: Tue, 16 May 2023 20:36:16 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1684269376000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 404 sazi.online-passback-ptopc.min.js
server.zmedia.vn/static/template-v2/passback_ptopc/ 0
0 3048ms
227ms Script
text/plain 103.171.93.27
EVG-AS-VN Everest...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/sazi.online-passback-ptopc.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.171.93.27 , Viet Nam, ASN135990 (EVG-AS-VN Everest Global Joint Stock Company, VN),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H/1.1 200 z5FDQJwy0MZ4SOFo6ywyKGkeVEn0ZeLzYNHfD4wAGpAI0fJThzNyepRuM9-cXCCa-Le0JDYvOZh1uXAmUUb9Eazvl5Ua6Rt0vDT9SKTNsnv8GZ0fpC1HZvyh0kGjBZWPCIKfEzfhtqtRvuUNfVTZO2Uv1vdhWo1_wAOKprT_KaYexhTbPGZ0mrjQ-KSJZPFzEdHxO...
aj1559.online/ 43 B
642 B 119ms
119ms Image
image/gif 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/z5FDQJwy0MZ4SOFo6ywyKGkeVEn0ZeLzYNHfD4wAGpAI0fJThzNyepRuM9-cXCCa-Le0JDYvOZh1uXAmUUb9Eazvl5Ua6Rt0vDT9SKTNsnv8GZ0fpC1HZvyh0kGjBZWPCIKfEzfhtqtRvuUNfVTZO2Uv1vdhWo1_wAOKprT_KaYexhTbPGZ0mrjQ-KSJZPFzEdHxOKnRJuXwuFw6VbxLRPmOVGOV0NFAJfXiATl8dzAD4w21tmKmsIs-TeAdpmoqSZM76NDMTfXKDUS01zka8QFmaiHZESr1PPaavcDJ3msztjxAynS3xuyBeM-0bLKbpoCYKzqrM5cz5elGmTgatHychdAEodHLCRlojsXN1b3R1XtLDW0Kq47JpjkGtpCVg7nYBc6c2Jpj-SeYvjG5b_9lQAQaClScKM3EUvL3n?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:08 GMT
last-modified: Tue, 16 May 2023 20:36:10 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1684269370000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 175ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sazi.online&callback=_gfp_s_&client=ca-pub-3619133031508264

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=sazi.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f770f53606f5b101a6dc372072d4823db885063e9bdff67345248ce8507f31ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 352A 12 KB
5 KB 466ms
465ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1694794806&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsazi.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008506&bpp=10&bdt=1512&idt=392&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2469268713378&frm=20&pv=2&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=429

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83b934e7be461a1f81470a412da856458331dec72368fbd06412b59c1471b8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4946
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:09 GMT
expires: Fri, 15 Sep 2023 18:20:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 142ms
142ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 141ms
140ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 102ms
101ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbc425efffa7966d0215a1f8401aac691ee82cb07e1961f90b31bb07a5b80cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11911
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F977 83 KB
26 KB 267ms
266ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c8194abaf57a3d9668303c2f4be90448493d1d085af8785b91ffeb14d39f1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:09 GMT
expires: Fri, 15 Sep 2023 18:20:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 665E 84 KB
26 KB 466ms
460ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a120f21a80def5f87911ade7dfdccaeae400dbd262acf1bb0ddd0d1946942a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26938
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:09 GMT
expires: Fri, 15 Sep 2023 18:20:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 157ms
50ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 18:20:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBA4 13 KB
5 KB 56ms
49ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 17:04:19 GMT
expires: Sat, 14 Sep 2024 17:04:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3279 829 B
558 B 69ms
64ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d31e66c7768ab41b052c4e4a972c74f021690a597b7b8899604abf5e95ac9bb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZtME0-jkN1s1os0_C4d7iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-ZtME0-jkN1s1os0_C4d7iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:09 GMT
expires: Fri, 15 Sep 2023 18:20:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame F977 23 KB
9 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F977 8 KB
846 B 54ms
52ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 18:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:32:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 18:20:09 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame F977 15 KB
3 KB 144ms
39ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame F977 368 KB
128 KB 145ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame F977 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3279 0
0 144ms
143ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=3469188166586444&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js Show response
pagead2.googlesyndication.com/bg/ Frame DBA4 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14685
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 01:33:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DBA4 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3E9jMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 665E 23 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 665E 8 KB
750 B 53ms
51ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 18:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 16:36:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 18:20:09 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 665E 15 KB
3 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 665E 368 KB
128 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 665E 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F977 0
234 B 211ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmkxcvwx&c=1369549433908&slotId=684774716954&qqid=CMqM2L2drYEDFY9KwgodbsQFfw&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F977 15 KB
16 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 167286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 19:52:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F977 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 159113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F977 0
20 B 145ms
145ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvMl3WKAEZcqAPY-ViQbuiJf4B9GJ2O1yjNDy5bwR3aq81_ICEAEgzs6GaGCVwqaCsAegAfujjoYqyAEFqQJJqdCkauZjPqgDAcgDmwSqBJ0CT9BUni2bxFoRjvemLhtJAyH5SjUCfVOku_ZQBKGeb-cP8ufKw_SJHFsXL3tqNJ0PjxZyvJcqxCTvENn58U-yMmsfPsQUtcOZOKxJkUbYTCYP_pOeGDxLyj6h90I6iuvWlcWcMackz6akqUX0W6d8PhEY01NakCL4PnX0jEAb596KVP5GkeMR4vQQcbSlQ1n-po6_kBlk2WmMRpHfM72SKSjgRvZhdiY4mVfQ2s1ogLH_X_2XR1WzjG4Jxq3caGd7ynwMABZDuwxm8sko0AvBeJfUHedRc93vCcenzoDcDZAiGHVNy2o8ymALd72T0Fbz5dxeXAOuS2-P0iH-7eG_MT8YQ4ys_Ma34hQm2Fza1VtcuCr8298tM7p5GvvLwASoyruj1ATgBAOIBfGrhL1MkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1694802009499&ai=CvMl3WKAEZcqAPY-ViQbuiJf4B9GJ2O1yjNDy5bwR3aq81_ICEAEgzs6GaGCVwqaCsAegAfujjoYqyAEFqQJJqdCkauZjPqgDAcgDmwSqBJ0CT9BUni2bxFoRjvemLhtJAyH5SjUCfVOku_ZQBKGeb-cP8ufKw_SJHFsXL3tqNJ0PjxZyvJcqxCTvENn58U-yMmsfPsQUtcOZOKxJkUbYTCYP_pOeGDxLyj6h90I6iuvWlcWcMackz6akqUX0W6d8PhEY01NakCL4PnX0jEAb596KVP5GkeMR4vQQcbSlQ1n-po6_kBlk2WmMRpHfM72SKSjgRvZhdiY4mVfQ2s1ogLH_X_2XR1WzjG4Jxq3caGd7ynwMABZDuwxm8sko0AvBeJfUHedRc93vCcenzoDcDZAiGHVNy2o8ymALd72T0Fbz5dxeXAOuS2-P0iH-7eG_MT8YQ4ys_Ma34hQm2Fza1VtcuCr8298tM7p5GvvLwASoyruj1ATgBAOIBfGrhL1MkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F977 0
54 B 195ms
61ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmkxcvx8&c=1369549433908&slotId=684774716954&qqid=CMqM2L2drYEDFY9KwgodbsQFfw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.fq&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame F977 28 KB
17 KB 231ms
96ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DGQf98yZAOc-mASQa3nALhX_nQpunlZLyNlmZFNGqvhCMI9FU-hz6SnJN70itTxqxY_4hlfApX9C21HOTthmhy1fxbzw&cry=1&dbm_d=AKAmf-AlqEstH2KnUEqZndhIWshj-PQplRX-bKDxgfV4yIqHLDOtn29my_VUBpA2MiREVcVAf7lWnX6ecoOfrCJDo-pb1fKXWNKEe-87-_xBtcFItjQYH0obTDGRukBVqttYX6rmYQk9ZBAuh8LKTO8JC4hCdCjG9zFlsCnRxrbQF-2L17iqdQS5b0esDznYJzpfnVLpwqLofESOyV4SjTlgfWg5Fx03jWXd3YRenCzreIdvrFJIJz1vGi-JmxfmKQZt_lCsr2vJoi82GVTRwMwGVy7DvgOHhIJ8e5ZNgFDy022JXLsGYMJtfhMoHz03lReGylqjfxVHOrn9GMQzojifeHnkDAQv2zwclS9JYQ2gi5K62IEJJUEid7AHn5DlR_d861iqjYISq2xhj8rAkgFUjGYLuD60nGzB1ZG2vXkrfb2BwKLz8RQd7KEDrFPZAyS_3zwJKv1yqykR_kbd6N_S04vbEqIAIGFJF9ID-qydc2yijugL2iOp-qMF4AW8c7fHSFPNfB2cZWYEFxpj3X66BqdX4jMNfTt9IPjmrgCFMbo5tiwc6c4llwMxArD0gXF043GQv4bEJZv9hrs7UYoCQbezD76QP1-WhWix3_EjqAL__hV470oZ3T7BY8O7_hPqslemmNnPyrygjezrgJR6x9tTVFKgfkC_v-C2ae4glSOexq-Wfq5MiDBz3oP8myUDWT7ifaSzWJwhzVpNdQQseOnN5koUwZcxdXevJ1ixHh_t14BG2zVRk-QasGbXISjGlPG6_t-oRZfztHM2JB0RuizH420fX5M7HeYn7dBAI7c6oOc1_MQxK4q4ayFRVUxbFEv_SeIAoXjlXS-pFgLI_ut88kGPZmsvdZsl726GPz6dEY1q3RRJeOlVnqSaCYz19PKSa3i5saDYZLKUdOqVNAlDOMrg02UUZghSGcf7GlOkofQ8RjVkwwOyDpxJ-ydLHaILGzsMHjOE3_qGwHlE1WcJYchL_0MSTJMVTx9frpyi0qAAXC_aAajtUfCTh2qzPvGNidwgKxKe87Ppm5RkTlcX0dWrdu21K8E4262ofJ6dDGKo7KU5_-571HHCwrTJFZSKHzbQ11wAPOszS086VdOrHhDEdTF5sfKee2zG_2G62KoqbDbcWYOHLzOAnMccCPOd4SGTR3hO2_Wnz75e2A1Gn1_J_ehxn3M18-Ht5oesA4yo9bQrjLYcAh7jhBf5-p88dJgNZoR2M-YfwKF1_SocKniUIECBuNXebBDuhx29yJP8S0TFGnDz1mbZ6H3H6NxN6wWGnnzVNeT9NxjDUm4ZIc-O1QHG-Ghq0iWcfKv7xuP5EI1-VcOS0cv-AXf0yii2gThoFrT9fsaOdSCL0iDq7MbF7nMcxIE-ugF4KMNc9KsGEEOLNTrWHBuALfw2WWyso6tBoNYq3n6XWnCHFXliOSS5VYLgFTfgin74Rv6_VOC0ugLRUKJzFVM0oi207Aog57egSD2SPv4GXvLN25SXuUwI0F4FsHmVHAu_afFBS7PBWClzoyFW9h2FHwO0sXbx3Bwdnkq6LXu_vbBKSVijCkP6gsTHErUo0_2SDaN-o1LzddJLw9FOAaeqhb9iptqxknH8j5pABAZ-oNqlMm_Qlx4MVKz1YiU7UWRRP8gFuISbe5F0-UWxsxdHiourSCf5ovVWr-0TWGiwtpUpKFRGloC5MAXsATZj_zIyKLwGhn6Ut-1LB8X3JoRyVQhF5XFaV_iVRMshO5q-oge9-Ncsd7fBGSeARrVNh6EOGBlWIu_ZIkEcAvRu1wj17yjn6vD0CH_EEx48eyTAPMz22r9Rw3cxdf_BYqMV1A3_26XrR-8GxEtB-4y0OKU1s3xRwrVjO6roTEEr_dkbxw0CTFCMEfLAMKaeIJL2sCJA3VyzWh0KfCLQXFP7WfBCHg8436hUlDuGvltzcp4Zxx4QCnkaHGgdqZEfl0p7QrQ9B7oZqGB1OWgaP6RpvNBWz_IYGKlpRkVbBywG-YamezHH9OdAc0JyO2CuoLkJuhPqtQC7M43yHbcTHe_Vv_x2Fp3FYM4JI-cJhbAlDojNpi21xP1x1UB9BWCN6mUxz-NO6C-NLguwTnKVlSh7lyOkCyPsWpN0W5gxjUFQjk8bsfS935JpOph1ONKPDTMxfF0RD5PYIaf2hFJrVnc3S5ZOHSeO3e_d8Ax-aKuZz1P9ILNonl3lE9hxogXXuVXVUPxl011BO2AMn_iyUu_rtAJlkBhIxILZpLbj2jsrACKro3ijkuqwAG9C7PK2Rsz2ilt4dDD9LOLKz1dGBjrT3PHM5oi98SK6QdmsJy3V3Z2bhOjGiXm1cGlif2c8sUbgWos7voDCydHDAUoyakZ3njeTGhTsV6NduOmb_eIgC136pOx-mjmqmNf_3WZI11rw4t4HDxQhNxsyx_M_SCWBZ8MhYW9bTO2exZlgdRG6qNjv6EHHBHk2qXNbuMxTf5zgb68hf6El5GDq7jOrnn_xh6UnZwoU-WdcNkBzCZig8exeLlQZ1q0HogIsb9bRSAbfP2BhbmQWAaNMQvIBBguHFlmNWxnDxWX1T7GJ1SiuY27W9m5bV0T-7uZHjq4P7D7zL2Q1CLcRrVG0XQBkhjG8KI2Aq5yEVOVwNX1Xycvjvb1IqSm87-TWEhEzf-sh1yAG6O5uR1ifJOAILqu0eLVvCh5JK72aEV6EgIECj27hes9-j_JbCFQfiD9H6z_K521OtpionL8Oqu9q0UEaSFcVGlbYud81R8WYLf9x0dAyJZ1Ygg2P-ifHD_-r194mnUo10w-Iq-baesV23L9r3jBbJoOoW5CU2j05He4ZpcAWU1t_3l3xDdJ2gVLC4W-EdaoJD8EgjaQjHmGFNmb_i49EkJ50rv8GCJiAYeSphnw486ObBWHU039OZ39QV7FtWVcQhiHISuOzsHorNk-GraNEDEdKPOrI0x0SCEI_0blwyUCzPLhOJZqxR9OGqdhrGiA5mxVP9i_7crm9xQ-tlt-7Z9L1HwAmuFLT2xTCGeS90S6NVLgfTxkCbwkhPSI1eWVR8Z0VSsW6QxCW4kQgPzAr_fB8xn2sHgepq9iOfRF6qfi4hBJKBp0M0E4GqAVUjjVrSr1X4kBj_GtjlfsLmqatjmPCG64RB9Eb-u11C3b79DlXlO0nawzJKpSHhCKtjMi2qSNrZ8txpjtE7UyR_bGyy9jDxt32A1VZi0DAkAL7-vrn49K4pRNkGhZiVeO_fWJil2Z0uPZIdk0LArQYikJ-CembPyBf7uymhd9uZF9CQuKMViZbOS2n2FBooSsztuX8jIJoyAYrLg9O9lMRPFM8ZXybbR4oLO9kPXTq47etSaKG-yD7_7u73OhySWXvkx4VDL4kMBk1ykyzqIF1Kl6eEG4K4AY6A-GVyxUlBbt3aTdvc04sM0n4vd0keP4tNQly2SCNXXJuuIPK9MPUKIK5K0dRTtEodW_1iFwTeV4KumfJq5y6PUz_xrckI5d64bVt8bGmPM5mSEPLhoum40rES4YOa2q7RgJyk1YL_onRoGsDlQqhGTqg5YeYnn54N10rKHuBDzPSyiNOD4SLfQ4NFzr78Fcfq7pfEM9WykiWhpe39iCxOt6tTbgARvR_pplDzaVV1Lr_19FvfroBrpp2NppntAfkv1djLBmF1kTiKIvAdx2RfikkvrUpK4-25086zXXC-vrE9Ddm9P9KMe6TdHJwXLT0UXYD2OAH-zLf8GDMOad8VupstvWc1i6Mhb3NfX29v2dx0SoDBg1N3q2yfvnhbd1rcHZ6QAYCtuOZ_2EUL7CpaFEirTZIRw&cid=CAQSGwBpAlJWxo_VzJZwAw7z1iaVqKDe0fWXSrjZ2hgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

72da02b4cc76ee99df5600b410e8a18e51497a5511085994c3f5e4aaa6eb6a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16843
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F977 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 191358a3f73300d0e9261238c26392106fee1e878fa3f048f821905132012734

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 665E 0
54 B 163ms
61ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmkxcvyf&c=1670936591559&slotId=835468295779.5&qqid=CKiv3r2drYEDFVINdgYdw6QBLQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 665E 15 KB
16 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 167286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 19:52:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 665E 15 KB
15 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 159113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 665E 0
20 B 146ms
145ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CiRn-WaAEZeieBtKa2OMPw8mG6ALRidjtcozQ8uW8Ed2qvNfyAhABIM7OhmhglcKmgrAHoAH7o46GKsgBBakC1WTHEqfmYz6oAwHIA5sEqgSdAk_QR88nN5QqsVP2OD7w7kJxp9sMeEy5ANm-y5h1YYy8ca3rI8cVbLDbVGmLgVy8UhAsqeWSHYl9sAPLGcRoQFfIiktS-c_JW8hWsrzGecopXeef-YN00WE_9Z0LAdWpIa9LMEQErKQPIBsduH_6Y8eZNa1chnmUCrgDLZpSmffvmUsoNc95MlQu7sI8w2zSKVTo1_P1OIBDUiqLF545ZC37z5VT_5XeWdZZhT81SRkjjRBxE-s6H1s8zPcUlTww3u4RYs-BMO0x_aD7xxnA0aus0VH_rON7aEDHNAhtDp-k7tKNDAwKd7oOnzCXjyLWUivV5kEVoNmvo92QrNXC8S-tMF8D8hF6u97OPq6yORUiqS3e4qYjlWVfMnfaO8AEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1694802009549&ai=CiRn-WaAEZeieBtKa2OMPw8mG6ALRidjtcozQ8uW8Ed2qvNfyAhABIM7OhmhglcKmgrAHoAH7o46GKsgBBakC1WTHEqfmYz6oAwHIA5sEqgSdAk_QR88nN5QqsVP2OD7w7kJxp9sMeEy5ANm-y5h1YYy8ca3rI8cVbLDbVGmLgVy8UhAsqeWSHYl9sAPLGcRoQFfIiktS-c_JW8hWsrzGecopXeef-YN00WE_9Z0LAdWpIa9LMEQErKQPIBsduH_6Y8eZNa1chnmUCrgDLZpSmffvmUsoNc95MlQu7sI8w2zSKVTo1_P1OIBDUiqLF545ZC37z5VT_5XeWdZZhT81SRkjjRBxE-s6H1s8zPcUlTww3u4RYs-BMO0x_aD7xxnA0aus0VH_rON7aEDHNAhtDp-k7tKNDAwKd7oOnzCXjyLWUivV5kEVoNmvo92QrNXC8S-tMF8D8hF6u97OPq6yORUiqS3e4qYjlWVfMnfaO8AEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 665E 0
54 B 158ms
62ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmkxcvyl&c=1670936591559&slotId=835468295779.5&qqid=CKiv3r2drYEDFVINdgYdw6QBLQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.gh&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 665E 28 KB
17 KB 181ms
82ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DO3IK7MFyN4a5L34KABjBPKOkkdpICec1oqhvURhWAdGZvdygvNpHcd9jHK3UwxraOMwAsBsJVXdyvfbNJ6KeNnSoN-A&cry=1&dbm_d=AKAmf-BH1njvGDVSQsvM-1cWheQeVsqaK8V0f_LIXDL5jOzgNRLMp_M_A3csjeUfdoWjIrAEIWUBJoOfURE4Ac9Sn-KkTG9l4m2Wf58s8hzekPxt49VlTGyWuRcf5ieMppM5e8Dq4e6fpqn2eaZ2DDlGijXarWv5lAltpksA52Ynk12aUQEbsNz8ZB5uJIA8OhiMgOk4rDcAVu2AprIWcEPVgFUPoBuf8UG3vP3Sjs67sZZt9u-O2UohMlOojHK21dBfrxtPQYimKMJVLondAzbiLvIEMFnzMjtA3_mYuPTrH7XXlxmf6480ulAkTCEr_ZgfQXus9vbzxWMH8lMXcNSrbflXbyu7NszDhSmPa_099TuUB5SN2og_E9jj8u6Odd5Ori9EmtuuywxUANydjq_4kfKNT8SJ7we4QAOl5cekdiP_XJlzn7rvYAAeniptw2XIfN_QkZbYlYBnEgqshMdivS5aWJpUvBoD17Uk2lG1aJOAOc8dUC4na7aF3jiArm453Fc7QEIhnVKxd6hh_Ptn9y-lM_ReXNH7yepG1UFwP1XUFtb7ZSm_aOCoVCg_TGAzVmKG1CjfPVtvh72EecvhphfFirJHj2Cnyo3WG2RJZynCBoNbqJYUxA57_uPiDFRg-ER7Ff-7IZoIerAkcKC5JutMUQuc99QjtkruVxlZn3LjtQedcsx1JzvWBM6ry57XRcScYqeSx4tW8wasKaFtR5h_F7g1E3XvjeRjbED7NETBG-MAYF_ePVbxMAOu7Ot2Lq0HslxkOT6OgQ6TosY-3IXF_h4WELYeqCfmgRZ7XTUvgMabOgKdW99JsUOnNmjM-PmzIuWg83YNcz_ZW80qfaM9jzfQ-V21a2b8aiiaMsSNx-o3NJ5tLTqmVH85wntGHMcbznIn9wkuYk8t7YEay5rMaOKF6I_1oBKVowctWvIfrbb-t5UoXXFpDPB0K4RZCJev5Yddn6bXJlAtwyCF7MHfAZxPTEvcv_18e66Unfm_5IkZiZ-psvmQ9E4k0nJ-CbSPjLtq7w9g59I-stXqz0rSDb92sEE1_R3qpPpXdu92hoJwnJ1diHHBk2gbEbIQcHdartRWy83OpLuKXXDgCdx5MIFc_1XBybTTQUF5SCIW9QQR431rf6ej_5akKbv0xAglNn5jIk85Fkc5udLokeEz7sWspSYxP5JSeVw2KobJ_Lb7vGgth1g87BOc7jG-a1miSs8vhPKXUysQQt7Tq4MDj0xJYdWGL8AUKdti7MHQpaCX7CSB7sF3-oKnV-COs6hNcU_wmTzQTS7oSe1C4U4FCCWYB_3ObMGfZwjCCjOFVmS922MHvVQLTNjITEBTZ3unnqqeFy_HbnZQNkgyb4oelQ27KrKYUqdlHg-tUYo6clBS_zQXSIF_5BNJSePuayakFoAgcwYyPQ86J8dlFlIAFFq1bWR7oCHP_UcH1gVahUea6mqzR4hdPlRSCE8JQJmnpLkt82PU_Q0F90fuat6SIvGeSTqfMwJGkAYaq5Srk0Auwi2q05M81j3ETD2fBFl4IM71KWGHrjn-xpDzekGwkhddUbN8E0oce_AFLEqh0ErQ-zGBwF3F90bzjWp0LaSR4joCynLBVWJlSeNOmNGnhOXyyMcc3C6zev0mFholJCVlFGwZP8qD6wS7uAtVRQs2Ro3_L3-f1DJAUBdhHuph1bnM7SkzZ96Q8g5t00WzzyFVT9pLGOgXTlAgT6QnBfgpNsLyVqEhbJrpedJvb3OnrWg1JGI0RrnjeUJPjKFGQXDYBzHH0Fjt3H2RHQLOlVi0yynLRULc9yb8Mc-EojiBVFuom9JsEggmDquIs9Hn68hx6d_cRJ1nQP3b2J04jV7PCvBoLZYv3iGReCLs-4Y3uvqNIZ0bMHPSBwTT3vrRLrlyO-g_t35vF63y5HY9RbhUz6OTew5-VUxwLC7UGtGLTYFYqR26cphojU87alc-2ds6ItHfhn21ZH76IRhKXTlZesV7V_FUbXtT3nrCBqnBM9sMQJMWnTYU5PJknkGjm26GsuPWT8WtpL_iRhjxVtsI7P8xIdpT85O-SUC5Em0HNTi0xzv0O4EBRxf608kkB9YVbUQOz-nRqT2mGAnmmI1jKepb5-OeDdeOAgBXwX-0m43sXugXhQRJagvYLv5sEqlVRZj9lwee_f8zBJ3-dewB8qADIP6FLFg4OawbUimua5E_rtXc6yJPpw_BfdVzrEc_T3dzBHBR0QVRUrAXkKf_jPHK3PbGAJIGS1yPuQfsxpscwniVzE-a-KzIwIxOdchBvRf5AXI5IVq-k7IWku0RswArejvY0b7aUuN6b8lUnW9zjz-BwiZ2-ZQdYtHxXgGlATKfqp3UvWjMWtj0Nth-nNIqFe2WtpPOaXGq7h2NJMfzyCgQKJHpqaZmWaKBVHg_ss-fIMd5fU1btuVjefG6_18-549wgZX35lQVJ3Ksrgj2TJCKSCDGm6IX0erj55fCiBoX8hUBJfKO-HWhmq_itok9MZv02H5QSTKrvGfEhfl8p5PchZdB8U7JpPffMSULxEoSSMhjKMKYB_r6tkreR7BURFPmzYSD_-19lyeE7rCCiB9PCDwIharjltzt-U0kjovPd0uKukNRxZh5b1obGGoyncOSKl6QQndADdkH1dZyS5nQntrfNgdS5lfd_BozFkrhwI_dMvUobAuBTU8L4AsjlEHv2GkOBno_z0icnBqLm8SdUTMnMCipb6vyyWCXlstfLpLnJNZlzFTO1amF6QiWYE40N4fk_h_jwS9YhrpTOAwDaj-ufkg-4u9Quh_Ne_0qzGTLOOHjFZb0aMrwB6FiGZAAy2HUvnW9jDjk4ZxbzsnBbgnFc40P6l2BRAdLkYbmT1vRW6eG7DZb5H-wwlQy_RYK5EhIySVJQ_VLNPwPDFHPRi6UqDj7WNlzbgGXYMZu---emao15vhJQKPel0f2NltQ6JRatISokNMdkN0NXDATV1Y4vBY1C2wdDTTyxF7swmAAH9RX64OWUSLs7sWdUPwP0tvGnmdSGB0UYmzOms6DWUZsrQIVM8TYeneFduwTXhrJGpt9p2lMFUl10qPQZfMn96286sxbYoOH0qEs83dcoxN3whJ3BYT-xWlvWoS4rDuW3afX1IK9_xz2WBzTM_Jiv_FTDyYWWghaQyBH-sxHtBujrS5drqf2xim7v6YfjSFSakgxRg7p9Y61AkvvfhlkHBNfXpRthu-VV1v2fXcbNm7T1ZBxwDqkL2JGRmm6_N62_XHi53Saft6_pvQMlFuU4DvbzOUMe6XHK2VCBA0yWTgavh61bki-_s2b2xpu_wsNWDvfwwbwaBXn_b8sF7lMi8HX50GyjqWMqWav1-Z0jzZ_i97zae19HOm2oxaGXPY__rSRzC7Ih0qsZy1USRuVI5PjIwGVpJ2D-XbA6Hx6N6-VwmM8eL9eoLmhOI1yAlpHfonFrizGPlVwJnQLTTW_AIIQakkBTijluGFGq-rLy-Ms0u5G4aVSHrk-2iaZ6MEH9AlXlp3Lh-ps88f5jxuPCHxKn7S_c3i8874BbiAPIDLtVXaF0iHECqv-6FW557jZMrVQLHPxs6Jqd2FvOZA4Zd5K2R1IGTYarR5omxRSMY4yZgJYSFUnQtT4LApHAC3csWCkZmmvxMNdClqo1JBi8V5t9pBQUcczh4VmJG-fYy3oHt0OsYG0jlwmohQfIxuytZcFzaMgHjUwFFXMmA1TGnC2xqh645-8WmR_TlSlnXv47F2cPgoXHr80rWq_RvlHkMOYNL-cdEuXG9HC9MCI5admfZtHc9-9bqKj8TERkhdHLVcK0z_oK_3ikQE&cid=CAQSGwBpAlJWbdhe5RchYy70NV9JD8ob8qaQMJIY5BgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

6a4ffaaf0076d7cb9fe8386b0309ca6058eb94de4915071caa99615aec9977e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16814
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 admin-ajax.php Show response
sazi.online/wp-admin/ 0
643 B 481ms
480ms Fetch
text/html 2606:4700:3037::6815:3064
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sazi.online/wp-admin/admin-ajax.php

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:3064 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sazi.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Sep 2023 18:20:10 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://sazi.online
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KluGOaX0rancoe2OosqmwXuYpM%2BPyX9Jn1k%2FSiI0Xx5gVvo%2FP%2FHx72Y374A3EdXrsfrteECbGWoGWbRdKfGdYQyZqh%2FpyNjRSBAz64rQJwHmrEnLg5wXZnzsmw%2BdKkfW0ZWD0ucQLsN8oA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8072e1cfe872900c-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
46ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1263498494&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsazi.online%2F&ul=en-us&de=UTF-8&dt=Sazi.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=5%20-%20Adsense%20xuyen%20trang&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=211662011.1694802007&tid=UA-189072159-18&_gid=596744849.1694802008&gtm=457e39d0&z=265433228

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 09:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
46ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1263498494&t=event&ni=1&_s=3&dl=https%3A%2F%2Fsazi.online%2F&ul=en-us&de=UTF-8&dt=Sazi.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Inserter%20Pro&ea=impression&el=5%20-%20Adsense%20xuyen%20trang&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=211662011.1694802007&tid=UA-189072159-18&_gid=596744849.1694802008&gtm=457e39d0&jsscut=1&z=2058300590

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 09:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 665E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c267994dcaa8ea62d78978c3156d7dc4617482191803d6f2f260cd09cf386db9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F977 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3Y1xWKAEZcqAPY-ViQbuiJf4B9GJ2O1yjNDy5bwR3aq81_ICEAEgzs6GaGCVwqaCsAegAfujjoYqyAEFqQJJqdCkauZjPqgDAaoEmgJP0FSeLZvEWhGO96YuG0kDIflKNQJ9U6S79lAEoZ5v5w_y58rD9IkcWxcve2o0nQ-PFnK8lyrEJO8Q2fnxT7Iyax8-xBS1w5k4rEmRRthMJg_-k54YPEvKPqH3QjqK69aVxZwxpyTPpqSpRfRbp3w-ERjTU1qQIvg-dfSMQBvn3opU_kaR4xHi9BBxtKVDWf6mjr-QGWTZaYxGkd8zvZIpKOBG9mF2JjiZV9DazWiAsf9f_ZdHVbOMbgnGrdxoZ3vKfAwAFkO7DGbyySjQC8F4l9Qd51Fz3e8Jn6YE3NZfRhKK0-xvI4pucbCb-Sk8bwRb5KnKbIpBuYb7OX88R4fGo6FuorQAXUOmruhgcfbN_8gEY0qKLWtmpiLABKjKu6PUBOAEA4gF8auEvUySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQy68CGI2h9PIB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQGAFwGyFxwKGggAEhRwdWItMzYxOTEzMzAzMTUwODI2NBgA6BcF&sigh=73Ku6SGOr4s&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWxo_VzJZwAw7z1iaVqKDe0fWXSrjZ2hgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 18:20:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 665E 0
0 112ms
112ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzPjzWaAEZeieBtKa2OMPw8mG6ALRidjtcozQ8uW8Ed2qvNfyAhABIM7OhmhglcKmgrAHoAH7o46GKsgBBakC1WTHEqfmYz6oAwGqBJoCT9BHzyc3lCqxU_Y4PvDuQnGn2wx4TLkA2b7LmHVhjLxxresjxxVssNtUaYuBXLxSECyp5ZIdiX2wA8sZxGhAV8iKS1L5z8lbyFayvMZ5yild55_5g3TRYT_1nQsB1akhr0swRASspA8gGx24f_pjx5k1rVyGeZQKuAMtmlKZ9--ZSyg1z3kyVC7uwjzDbNIpVOjX8_U4gENSKosXnjlkLfvPlVP_ld5Z1lmFPzVJGSONEHET6zofWzzM9xSVPDDe7hFiz4Ew7TH9oPvHGcDRq6zRUf-s43toQJ81wjEEzXLeQCutqEPBHh8k3NM1zu-lle0R13qE03mq9IgtBGTJ2DGJci3q7eFPmnTwFp8VDYY9kZdU99HTMENpwASoyruj1ATgBAOIBfGrhL1MkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEKjEAxiNofTyAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUBgBcBshccChoIABIUcHViLTM2MTkxMzMwMzE1MDgyNjQYAOgXBQ&sigh=QBjarhLfxcY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWbdhe5RchYy70NV9JD8ob8qaQMJIY5BgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 18:20:09 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 665E 0
54 B 60ms
59ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmkxcvyr&c=1670936591559&slotId=835468295779.5&qqid=CKiv3r2drYEDFVINdgYdw6QBLQ&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 665E 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 665E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

173ms
46ms

Fetch
video/mp4

2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2176606E2556B9674E9D56320F433D92A087875C.3984EB6BE8B08BC0D2D50FF7E8A05B1729465EB6/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 18:20:10 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
Last-Modified: Tue, 08 Aug 2023 11:35:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Sep 2023 18:20:10 GMT

Redirect headers

date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2176606E2556B9674E9D56320F433D92A087875C.3984EB6BE8B08BC0D2D50FF7E8A05B1729465EB6/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 665E 0
54 B 60ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmkxcw49&c=1670936591559&slotId=835468295779.5&qqid=CKiv3r2drYEDFVINdgYdw6QBLQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.m2~videopreviewvisible.m7&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F977 0
45 B 60ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmkxcvxp&c=1369549433908&slotId=684774716954&qqid=CMqM2L2drYEDFY9KwgodbsQFfw&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame F977 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

172ms
45ms

Fetch
video/mp4

2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51DCAF6582126ED288C2515C627F77ED9064C2F6.744A6EE672422FADE67D57B993230E7E08972C02/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 18:20:10 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
Last-Modified: Tue, 08 Aug 2023 11:35:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Sep 2023 18:20:10 GMT

Redirect headers

date: Fri, 15 Sep 2023 18:20:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51DCAF6582126ED288C2515C627F77ED9064C2F6.744A6EE672422FADE67D57B993230E7E08972C02/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F977 0
54 B 60ms
59ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmkxcw5a&c=1369549433908&slotId=684774716954&qqid=CMqM2L2drYEDFY9KwgodbsQFfw&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ne~videopreviewvisible.nh&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B34 23 KB
8 KB 45ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 226064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 03:32:25 GMT
expires: Thu, 12 Sep 2024 03:32:25 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 7204 23 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 226064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 03:32:25 GMT
expires: Thu, 12 Sep 2024 03:32:25 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B34 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 01:36:29 GMT

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7204 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 15:23:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 162ms
159ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=3469188166586444&bg=!OTqlOnXNAAZQjyUVcI87ADQBe5WfOMOuOQ5OIyIcPoQu1BKQpPV6D4rm6a2q0ZzskbxBaJYugrLrzrHv-WUfUxE3WcbPAgAAAFJSAAAAB2gBB5kC-wjbcO0jdJ1Hsid8-5wGZDtF-JeACgvwJiovlOui57rqXoENg3MyhEIwrFCbsf-BZHoezSllCDqFaLXQYO7t55pCoxf7IXKQG7Qz2mJZ0RsDxm9_Kv6PJN0bDhsvnvclhdUenYaSzDiCUSSTaWyqz92gRW1qzF9eg2_6T8Vcr4JhfBZpX-tv8BhrrmlB1LPt0mw94qPF8_BSH01WL3nxlrwZnW20CWapHH_y8kxY2qZk4br5tRN02ujFydDg-ComsfDbAoQ81BTNQt3RxWoT4ji3_zxJLKjQ3G5K9aTQKNe6rhkbPQYYqUckQ0zfhKOfaTleB_aO-jbV5Y85Nvdcm8tvKmPF1a2fKVKZDXH8tn4gEHIPii5QQeDutYNeEMLRVnrktLAmuIpzAUJhMMruW4HJT6wVoAUMijj3yLRONxNFnnzgKcQ77qTlh6EeTWKGNL1LFI0iI4pAg0xW0ykhSrvNGCNTqXbtud8VR0Par3hLw24zP3EqhIG9_f1r3Nzcsg1xt7in2BOL4O81ukxDTrz69H73-ARUpTIypxuKGGwuwbGzW8yMcybAh2bQmBSXWRK6VF-opY0UuJ73kUMsVzfFT8S7BR4Sc5y-lbgHgb6RaN-PaQqCDOnpLbfDIY19ImlpQOAXhGXrYj79M7ocK-wBK5X48e7mLATEVJmFCwG0JNrMAu59WSTWwRvYh6KWdLacUrk4SEqQ94vKlv515GYc-8FNtHyOuvW1eQ7X4l5oUDNLW_ElOFdZs_wbdEAqNTdspGQfr18TdmqCq8JohDJR9KMrvCdZhUCwbq_jzTQwQQv9qpXqhEhaQ6bR-0CH5hbATFWBZjK0ZZIXKJZW-DdFToDMoEYtlRR32T1djoN1De7OdrPNaI_u0jcY50VP4tPeuA0ZGhm8F1qw6paz3K-MSLrvwn-gmzf-sgUjo4OZnFINndUkLKlgYwVGABvshP29KScPXtQJfBP0_U0MWOOsvRRuGRgx1jEkgr1kV58O_Yli7Oz_1Wq5hjM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 206 file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F977 4 MB
0 82ms
40ms Media
video/mp4 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51DCAF6582126ED288C2515C627F77ED9064C2F6.744A6EE672422FADE67D57B993230E7E08972C02/key/cms1/cms_redirect/yes/mh/qX/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1694801612/mv/u/mvi/1/pl/36/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 15 Sep 2023 18:20:10 GMT
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-9011108/9011109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
last-modified: Tue, 08 Aug 2023 11:35:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726338009/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 665E 4 MB
0 80ms
39ms Media
video/mp4 2a00:1450:4001:d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 15 Sep 2023 18:20:10 GMT
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-9011108/9011109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
last-modified: Tue, 08 Aug 2023 11:35:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B34 0
20 B 145ms
145ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BgQsOWaAEZdj4KbGL2fcP_Zmj0AgAAAAAOAHgBAI&bg=!y8ilyIfNAAbP3fMH7907ADQBe5WfOArnbMRdiuzi3fwVw-_odDioOLcsCnYSjW8PzIUsMBDGOJVd_FaAH-6sp5SaUKIpAgAAAIZSAAAABWgBB5kDF7C9CDchDpm6cvv_1JpwWZczHnY_iI4sjoeP0RBEcFQZTK04WeOV66qhmSGgLfQg3hovGPl-DrrRFAw3Gq8C0NaE6qzSAQFM435EBvGT1OVbqI9OJzQIxCvGlnJQeDlFsacKcT3Xjkc8F7cIQJs_2-hHeEkr1SoHL3dDnc-dNjfAY9-DU0YnfB39lTZAXTAZxYLQjlkpWQBahHxkDmXFXCtbkQqE0lR5hvr631ha53fSm_qVhn6195verDx3w-p-IrpW34NeKeQ3wn0xtW_UdwYfeyZ7kWqutK1LGLE6ybXhOxVFW4UG3BOf_54NUFjsLaeLs5KW77nqcO4AS0QXN__Y3wku1TUbpP7nnB3s1b5bTN6SOFe9uyKsxki_B85Zh3vQZvSnDY86w2ANNubQfxH4ZhCQ1qwRCxNUxbQrSnWkrgZ2b78XPZ4AghmblPeHnQHmrYiTwswPPWQzwVuNGTy5fZgNbjoY9rHf4qutCSneCG5Sa2zqF2_rgqfvcGNyXYyQoMGe1JJ8llxKyYsgJwrerDr2PiCAnyoh2TSYP56okBuQIZ9Uc8gGTTp9ZpRmrBRlZ1GdU8P04iTztQ7pToKH5R85WRfO0EN8OSsxOxVKWC2wZYglcwqM3UmQPDiSA6yEa-yK-LA7_NP90POE4YHA8UY77CQ9POibFD26SZabW5m-S6kolGX-9swrEe4W58TwlHfU6iZ2k2FWlkipiHwfOJQ66cKqU3Q_0s4Fuf1-YUKQXOSpuRr7ZG7rhErgGEp-lNBKYb0TTd3RLub_6EGDP2T1p4wWBbesIDoWW6X4MZLNiWqaY-iO4HwXptpzdvemt4HcmqOvO4vfMwoaZtE757ZOV2RHkWKID-uoeYDGCWDI6Yff3r8i7xryMmfhl1fb6YVqURFqir52CeIFVVn9po9Ex1tToHdheDHZvOB28wE9Xp0GhSvBH-9YxXoc7Lmsvz_iYpn7J9tZK4FzVjf5tIA7Xdf4XdnAlazGKvatbDCcMpg1r5G8fLJ24FzPXMN2gywxyemzI4LsBc6-MZwV0BWaGsHk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7204 0
20 B 147ms
147ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B7z4QWaAEZZL3Kcr4mLAPz8OAmAYAAAAAOAHgBAI&bg=!39yl3JPNAAZQjyUVcI87ADQBe5WfOH879WICBl2sv8Jg9_ml695NS8B1hXq-oxYg69ip5TUixj9pq-uVur-oaSHzMiD6AgAAAJNSAAAABmgBB5kDMcFvf4rNilTlTufQs3FfyrF05WVjhxzgKbjsZJl2oJ6NLWEPNPnpXtn9JKwgT0M9p9PBZhuDesCYVaI8ez9DhYhY10Caaa2UoamYhnGVj9_TKY1Z4Q-p2cZ4tPe-vHe629NLFGcTwMIYrv9cV5mt65HQMsKsrbBZ3GUePltLuIFoPagmrCBxzbDYdbFLebsyEaItj7N1Pnm1L9aqy2z2k6EOAiexrVKIS1TTo1PVSOcSKz80xv8nXpefXCqzkTPLbf7mx0bcPkNyEL5HvRHUCeGzNAcWznKQChTO6iFYNcX1ESD4skSkT-BG-sTwV6WMNR2yq9YkaHvCC38tPJ3FObhFEtqouVrhSimIgIH8tYGzpFXM2R6acXOCcDPNa-rSYMXwLJh-WHHkF8OKYWOta_mL8W4PFDvm9YywmF1LjuvIV7Lx-snCaLjyypucSigI2zlYLhAsd9RgNgjh3NeoJpy8eLU8e30y7FTbZsEv7u9qNhAZRmno1rXmTobu1djoYT0OR_WiyDNUWsIdUb2JgxXjwAOG8YSBMmR8pbThtUValqZi1fDxp_gABFs-iQb8kqvSY3fHJAj_D-JoUKthOpp9-OqwoJLkXHvobij-v2DhCj55CkDte5-bXfRhbfBlUGW26_OCXro7uZLterG2yHgQSq5PjMC5-5wTCtQNa2cVQmVoJ1cJgwrHmgxbvqkQPyItz4aH95j9JxvEXyu04oB6PHsC_2sFbV6AokJMrBFjQASgiaBmx5bDJkNQr8nF8UJ86bkF0Nkm0fxmnFPuH8ei3nbgSByUV3GbV1U7NQ0XHq3En2VbAS-cLH7dFll1761iCXy4M58aYa2MH5DkMxaalbB6T0vRnzn__3AZiD3GZ0eS2mYnS2E7t39bH-NS2fBf9ucLTcQ0NNXThuud93BIJZfx1OfYo6vGwAVaKV2Qi-8-JbmIs-90WdJ4suf56XnPTUZCUxaTLfhm1gfsjQLVQqUWkcPLaQ432HQ_SQylNWGszqdrcR74iUxMEPjBP6KHJ0aC7VOgCAThpz378yv1OuP8_FugPFKZr4HJk4a_Pqdi5UNRLWAvlgOboQDY650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMImImCvp2tgQMVsUX2CB39zAiKEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKiv3r2drYEDFVINdgYdw6QBLQ;dc_rmcid=CAQSGwBpAlJWbdhe5RchYy70NV9JD8ob8qaQMJIY5BgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame 665E 42 B
401 B 289ms
158ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImImCvp2tgQMVsUX2CB39zAiKEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKiv3r2drYEDFVINdgYdw6QBLQ;dc_rmcid=CAQSGwBpAlJWbdhe5RchYy70NV9JD8ob8qaQMJIY5BgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D584396588%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694802010282;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 665E 42 B
64 B 102ms
100ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiRn-WaAEZeieBtKa2OMPw8mG6ALRidjtcozQ8uW8Ed2qvNfyAhABIM7OhmhglcKmgrAHoAH7o46GKsgBBakC1WTHEqfmYz6oAwHIA5sEqgSdAk_QR88nN5QqsVP2OD7w7kJxp9sMeEy5ANm-y5h1YYy8ca3rI8cVbLDbVGmLgVy8UhAsqeWSHYl9sAPLGcRoQFfIiktS-c_JW8hWsrzGecopXeef-YN00WE_9Z0LAdWpIa9LMEQErKQPIBsduH_6Y8eZNa1chnmUCrgDLZpSmffvmUsoNc95MlQu7sI8w2zSKVTo1_P1OIBDUiqLF545ZC37z5VT_5XeWdZZhT81SRkjjRBxE-s6H1s8zPcUlTww3u4RYs-BMO0x_aD7xxnA0aus0VH_rON7aEDHNAhtDp-k7tKNDAwKd7oOnzCXjyLWUivV5kEVoNmvo92QrNXC8S-tMF8D8hF6u97OPq6yORUiqS3e4qYjlWVfMnfaO8AEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=dRPChE0ENuw&label=part2viewed&ad_mt=7&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D584396588%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694802010282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 665E 0
65 B 191ms
93ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskI_qQ5QUN7IxqYmcB8xR-vhcgy2P0rVvHEUHiF4QlPTT6vpcddb-5IscuOiAixzJGf7plYhxkWqYnJQaxR0yfwthoBTAUgyP-yIMcwGxdDwKbj09rxVAl8K38ASUesjk8Q7aw8RPXtBSPSc3ZEjOyo9ePnXRTqVerSpRpQXJghM22ZFGgMy5yNOHc247zgI1pRFDiEQ6_ebWhgnRY3bilTGQvYJzjquSHX-aNrolqeXElaxIKzX_PzOyRr_r4A6b2wkFpBKr7Z-xMGfGY5UC-7Rpxx2SqxceVJGWVFK5rHTucDykqzjxCPKzaxs5rol8IkSsKUi68dqP6WCOISs3hTjnzZjZP74QqYpsI5bvckhFIc0W0njr90iHckPtB97QdNe-gqrVOtc1XSGxQyLYR3izVeF7w_cc0lxBsVKE-6AZj3vVVRTIcPNHCSn5ixOWN3WTcJeRyfsctgNDNbm6hcvuejm2Cz4S5j7s_1RvXgs8VPMZpxXLYw4XWcuAHgphmTpbr0sYbnLnb5prCoZx-2cBY8e_62HL66uajVfXyQJ41U7N8v1JQ35Kgc3WBzEwAsq4als8uHAlRerVqo5h-XUkgsVa_zBnXVJ7praYZfprdKoqMe7nxdVoPP3ObZHu7zoqB2a5j0eK0KA2iCk0nyq0uzTxNtBxoj3TIa8qNg36pbtP33kbSApUAauYOX-HuQpbGG0OXzgkPdQBJfgv2GxcYt0iIIdJoyj4WKd8_eYpLRUmwepzWPLmmF2am1tLGUtUoT9Px32_oYw68iKPIfpyh5i9rCbtNad97z8qcPXa-bzxLTZvTT3RDZo3LlY9Y8xVrCqGpp7T0x12aUPKCwL3g7kpD78Ki17Z_67IyZQPuAsFFnq8FaveFHSFsUFmIbKXvi_a2-gW_jmHTUFAYzFdLfdXsTg5QsmSwkqG_j9lOxV68uNsl7fuov0yhst7WOHdIqXhnvsCjrE6biAnPnd4EtgYCAord5vAr9vk9ih54ZQ92ZxfEGX6sPzPfZJEd0IaTKp1PvmQxMKd6ys0G5EY6D1q1EdEvWhJHMxwcWFp4af0Thyrx4hyY_hBgDhgVkYSX_lAiOUkTx4YLS9bPoeuDP_km8idOUCJswk-OcQvCt3RslB1N_AP2HpmrpSb6cTrNzTmZLZv0m2dMsIsStbYZCY-CIdaDScr733gLLIjY4DMxHrSwzxSJe0EB1-RldT6lxJuDncxlSB1vtS3EzzF33VPR7qEXyE4-nnIs9YcKiJU3XU84OxA3&sai=AMfl-YQ70NA7Cxg-khQLpn8DLn0x9XOH4isn0u_OwxhcBft0lsHKsE_gA7ITO-sHU5kzqgElcx0Wc3B5FPgjlvX-Xu-osB8ITQQF9umY8VL-sht_IQIXt5KKRTVQc_rmnpi1ZiJqk5X6SGQeAsCC2gp0DxPlwragsvkP2xuLgEZAiFtbR5O90Go&sig=Cg0ArKJSzLpu2HnF4NK1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 665E 0
16 B 87ms
84ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENfEsZUFGI2h9PIBIAEwAQ&v=APEucNWxcdTuUA8BE1TJJswusHdnEU7UMm_AV61sJRtrwCcdiixwLek9m2HsqlLH8oeDMSp-5McQOY32bIdS4DuApX6Id5IXjQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 665E 0
20 B 142ms
140ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 665E 42 B
64 B 150ms
147ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxFSNybS7rXdKroCPRhJULXEing8JISnGjpdTxdy96_9WXToBU-1qyu97jBSbejMaB6WnirbZ9vAtpgtc6aeHAcgZJJf5b7KpW8aNFHzHIDtdzVM24ozAWIScjw9jnUns_eRo49ZCJrPK0&sai=AMfl-YSpcvGDTEOWHdYvSIQNY-rch0aT23axVyb0HBtj6ooSsAJCyCzh3ahYI9yudn4AfK7NrManFkGAwibm&sig=Cg0ArKJSzMErdgFmC6jxEAE&cid=CAQSGwBpAlJWbdhe5RchYy70NV9JD8ob8qaQMJIY5BgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D584396588%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694802010282&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 665E 42 B
64 B 82ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiRn-WaAEZeieBtKa2OMPw8mG6ALRidjtcozQ8uW8Ed2qvNfyAhABIM7OhmhglcKmgrAHoAH7o46GKsgBBakC1WTHEqfmYz6oAwHIA5sEqgSdAk_QR88nN5QqsVP2OD7w7kJxp9sMeEy5ANm-y5h1YYy8ca3rI8cVbLDbVGmLgVy8UhAsqeWSHYl9sAPLGcRoQFfIiktS-c_JW8hWsrzGecopXeef-YN00WE_9Z0LAdWpIa9LMEQErKQPIBsduH_6Y8eZNa1chnmUCrgDLZpSmffvmUsoNc95MlQu7sI8w2zSKVTo1_P1OIBDUiqLF545ZC37z5VT_5XeWdZZhT81SRkjjRBxE-s6H1s8zPcUlTww3u4RYs-BMO0x_aD7xxnA0aus0VH_rON7aEDHNAhtDp-k7tKNDAwKd7oOnzCXjyLWUivV5kEVoNmvo92QrNXC8S-tMF8D8hF6u97OPq6yORUiqS3e4qYjlWVfMnfaO8AEqMq7o9QE4AQDiAXxq4S9TJAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=dRPChE0ENuw&label=vast_creativeview&ad_mt=7&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D7%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D584396588%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1694802010282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&slotname=3004208991&adk=2312289932&adf=1206385394&pi=t.ma~as.3004208991&w=620&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&format=620x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008530&bpp=1&bdt=1536&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=76g62TFsd1&p=https%3A//sazi.online&dtd=430
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 665E 0
17 B 61ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lmkxcw4g&c=1670936591559&slotId=835468295779.5&qqid=CKiv3r2drYEDFVINdgYdw6QBLQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&dm=61000&ple=0&umsem=0&event_name=first_play&asset_bytes=194614&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.10o~ff.111~videopreviewstarted.112
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F977 0
20 B 142ms
141ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0oeCvp2tgQMVSjwGAB3PIQBjEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCMqM2L2drYEDFY9KwgodbsQFfw;dc_rmcid=CAQSGwBpAlJWxo_VzJZwAw7z1iaVqKDe0fWXSrjZ2hgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame F977 42 B
107 B 278ms
160ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0oeCvp2tgQMVSjwGAB3PIQBjEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCMqM2L2drYEDFY9KwgodbsQFfw;dc_rmcid=CAQSGwBpAlJWxo_VzJZwAw7z1iaVqKDe0fWXSrjZ2hgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D913247454%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694802010300;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F977 42 B
64 B 83ms
82ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CvMl3WKAEZcqAPY-ViQbuiJf4B9GJ2O1yjNDy5bwR3aq81_ICEAEgzs6GaGCVwqaCsAegAfujjoYqyAEFqQJJqdCkauZjPqgDAcgDmwSqBJ0CT9BUni2bxFoRjvemLhtJAyH5SjUCfVOku_ZQBKGeb-cP8ufKw_SJHFsXL3tqNJ0PjxZyvJcqxCTvENn58U-yMmsfPsQUtcOZOKxJkUbYTCYP_pOeGDxLyj6h90I6iuvWlcWcMackz6akqUX0W6d8PhEY01NakCL4PnX0jEAb596KVP5GkeMR4vQQcbSlQ1n-po6_kBlk2WmMRpHfM72SKSjgRvZhdiY4mVfQ2s1ogLH_X_2XR1WzjG4Jxq3caGd7ynwMABZDuwxm8sko0AvBeJfUHedRc93vCcenzoDcDZAiGHVNy2o8ymALd72T0Fbz5dxeXAOuS2-P0iH-7eG_MT8YQ4ys_Ma34hQm2Fza1VtcuCr8298tM7p5GvvLwASoyruj1ATgBAOIBfGrhL1MkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=scDNF_FA928&label=part2viewed&ad_mt=5&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D913247454%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694802010300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F977 0
557 B 174ms
87ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseq3XdaY05QbfK_eCmptu_5qVzumS0TjOHevBGR6y5vH_xGvqvF0mo1dJfu3zI7cEwtcspS3z6nx7D0cxMnqEBNLj7q9_UEl4mqJkFzKZ8hQ5GXhrVSr5xgwH5-GenNunmiNvMYEDdTtApoG-7R48z0tkz3Znh5IoD7ilPoLzy5VEikWw9d86fliCTirMUpngaiea4wWKnhZY_z32TcxYUNrChaLnYiQZki3W0ksawmyadycP2Mqbfrlk1NSqMQJ2sg5-UOFeocaXxCLBPdvrSlfR-ZiCcTq-gd7oPF5AVOLtFqnBityE-O0znhrd03oFtUShDQaNVb_LmVTVcltmrdkNMAIMbP0izPQ9R6Mb-eGF5eXInzXGMMkzMJQ-nAzvB19czJhHhndLynXKHL0KVSEevJtjoyhSALudmx2cpLJ4thkh8Hz8aecOuRmvgxxk6vzg406KmzRTUzefu9noqnax5FlK7hPARrj82niwwk8ciLB85paTlNrJ6NH4LC_sP5bKcfCWp-YbhC4BWEqWfV_YatJWQHmoFLnBnqzi70Ino1z_YVN0RP7rkh-vQFPmBtCtChwpeO6GDfLvbKfEpw6l5_jmCL8KnmZkNAzAcTvzqdrHnShAd6xFH0q0_Z_bfS6EfUGkuIsNUQpHWpgVd31GQ-gkgcvKy3IYEJFwDIi9hXMF5rqqtRZiieykk_z3NymcW6vt-m9mTLObYFXuedLANU6Vrt6N2ZFe0_NyAPkVrMqpfFmgWvGCexiksR1SOzyjP6k6MoiwQeP9af4JgBNVmyWwsqwR_KgURDZ0huo5lIHXYkzS_QI6mR0iwBirVMnDVJNBYFYvToVRYsSaLFIroJMSMWUM1R55lDVK-o1IBijcA7oisiVpLKLZXmJZSGrSKspV9Ov6aMpn_vChM4oPkPmUnNS3mQKzptlzUfSA_gDCM23bgMWvQZns5OvW4WLmquz6uVaJY379zOoQ0ofctoQMM8vDlYYMY-qCVYFDgLpHqMQlwnAxvuquD0VAKGQ8gv1bJsWWaFKRp8DcmZooelGB5ex1hvvRkSm7N3Bqgir7UUOevxlbS2SM2grDYjymits-YSQyMRKltLSp0QG40G_TDVF5gTb-gZn_qkUw6_jR8gZVb30fNbqo6O5AmioQKQHyjzlP4gg4eIfFFPkQplDoScMrSTppvhUHp2s7rEyfu-eso7WA45DrtL3cRQU7t744kqSUqzqEQXvDDWSvEI1t7JDOlAyKIdu3THAsiFwpaZ4ahHYw&sai=AMfl-YSfN06aa5-NKq26cSWqK6g96r4cJc-KnoxxmhUjnZLSaFD3ry5J5lMYV27zkqykCZM8KppgdvV6cBrDlrLz6qRONTKHNoV5RGoOoE43pkvRYzV06usSh3YquXmRc1N7VbPv2a3_TVgBUAYIrv37zukg-cYf3v4x6etswszDuz4133sanbo&sig=Cg0ArKJSzD2KHUwC5Sb_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame F977 0
16 B 83ms
82ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENfEsZUFGI2h9PIBIAEwAQ&v=APEucNXjRyviFJHSiHkNteiaFH_Sd3nR4tNDmlND4H5i2qezwePIS0schmpzDPSAJ0ETSrz5NEHzdtr0KVUFYd7hTSFBoJQmOQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F977 42 B
64 B 147ms
147ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsJEGx8OdGRMATFvqw7QXws1BsMEPj6iObulmkPIMARo5XqlDLI-IEifJBimQKbpHqoBT4dXIIiIMHjQtKOXVp7T7O9IHKWZqMa9VUX_0Mm4P4KyFiAWVZo11OHbRbJ8yYKKdAOVwz-kEB&sai=AMfl-YSWfO6SooGrIbAlkL8F9Aph8leTAgPa3flyrPWoIcJP2a9r6sOyqg3w5RK-iWz2bDUgG8uqROMOCMCv&sig=Cg0ArKJSzGCC_SPZ7-KcEAE&cid=CAQSGwBpAlJWxo_VzJZwAw7z1iaVqKDe0fWXSrjZ2hgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D913247454%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694802010300&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F977 42 B
64 B 105ms
104ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CvMl3WKAEZcqAPY-ViQbuiJf4B9GJ2O1yjNDy5bwR3aq81_ICEAEgzs6GaGCVwqaCsAegAfujjoYqyAEFqQJJqdCkauZjPqgDAcgDmwSqBJ0CT9BUni2bxFoRjvemLhtJAyH5SjUCfVOku_ZQBKGeb-cP8ufKw_SJHFsXL3tqNJ0PjxZyvJcqxCTvENn58U-yMmsfPsQUtcOZOKxJkUbYTCYP_pOeGDxLyj6h90I6iuvWlcWcMackz6akqUX0W6d8PhEY01NakCL4PnX0jEAb596KVP5GkeMR4vQQcbSlQ1n-po6_kBlk2WmMRpHfM72SKSjgRvZhdiY4mVfQ2s1ogLH_X_2XR1WzjG4Jxq3caGd7ynwMABZDuwxm8sko0AvBeJfUHedRc93vCcenzoDcDZAiGHVNy2o8ymALd72T0Fbz5dxeXAOuS2-P0iH-7eG_MT8YQ4ys_Ma34hQm2Fza1VtcuCr8298tM7p5GvvLwASoyruj1ATgBAOIBfGrhL1MkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=scDNF_FA928&label=vast_creativeview&ad_mt=5&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D4%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D913247454%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1694802010300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=280&adk=2264433467&adf=501445130&pi=t.aa~a.900623758~rp.4&w=980&fwrn=4&fwrnh=100&lmt=1694794806&rafmt=1&to=qs&pwprc=4006195085&format=980x280&url=https%3A%2F%2Fsazi.online%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802008516&bpp=1&bdt=1522&idt=424&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aaZgRCuQVp&p=https%3A//sazi.online&dtd=432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame F977 0
17 B 61ms
61ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lmkxcw5d&c=1369549433908&slotId=684774716954&qqid=CMqM2L2drYEDFY9KwgodbsQFfw&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&dm=61000&ple=0&umsem=0&event_name=first_play&asset_bytes=194643&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.11k~ff.11q~videopreviewstarted.11r
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_balloon/sazi.online-passback-balloon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 17:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2150
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 19:44:21 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 47ms
47ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1263498494&t=pageview&_s=1&dl=https%3A%2F%2Fsazi.online%2F&ul=en-us&de=UTF-8&dt=Sazi.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=sazi.online&cs=Balloon&cm=&cc=&_u=aDDAAUABAAAAACAAI~&jid=1362909579&gjid=2075481211&cid=211662011.1694802007&tid=UA-206083988-2&_gid=596744849.1694802008&_r=1&_slc=1&z=1480634974

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sazi.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template-v2/passback_balloon/sazi.online-passback-balloon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fca1a05ff44697d8ab58673b996e86dc06879e8f4743e4173e9803324f9bc3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Origin: https://sazi.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50883
x-xss-protection: 0
server: cafe
etag: 12201077786799227724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 18:20:11 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A725 25 KB
12 KB 455ms
453ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f2e9691fedd7508723a79201284c2b41364f04392378821d87a93218ebb8321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sazi.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11775
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 zXX463w08EmBSetEoDBy6hsx-51mS2qHx9pZTND3IxOpzQ_NwIqCZGteENgg4Sf8QVkqjIyqWQdXdu_wqtefN0YQJAFEqkfBXrlpEgu9AU933sq8SNI1aZLV4Cr6YWC9EXHLs87Y-k7g-YgsOeontkV0EgpdY7aPJJnd5h9FWO7PxWKEcGQqQuizSDSOoNGWNm0_z...
aj1559.online/ 49 B
512 B 682ms
680ms Image
image/gif 212.124.124.115
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zXX463w08EmBSetEoDBy6hsx-51mS2qHx9pZTND3IxOpzQ_NwIqCZGteENgg4Sf8QVkqjIyqWQdXdu_wqtefN0YQJAFEqkfBXrlpEgu9AU933sq8SNI1aZLV4Cr6YWC9EXHLs87Y-k7g-YgsOeontkV0EgpdY7aPJJnd5h9FWO7PxWKEcGQqQuizSDSOoNGWNm0_zY4iHJPE1TgcWHvLkfN7jnnH3JmWO4bQMd7XZYeRPx8fdZPJV-7hngj3dgyskZlxmJABg0XWudlj61WM2otK94MvescCFxH8iPQedR1gl8RaYqTGk5OqQ2to47vuphmBVZH_3htYHYz9dOLKJP2Fx-jrnHAo1wTbNCJ1gh0X4xSps-GYb9LAu44Nu_8QehBFzERnaBDaHOUvv?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
last-modified: Tue, 16 May 2023 20:36:16 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1684269376000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A725 42 B
63 B 140ms
140ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjzQddOdmTjX9bLEbGmXmNCgi6UKPSQEy7sVHQVH7XCFProOl9SK6_YSFEADx5aVDV58kAdK2gdIvnC9vTWb_EODMuHfZpxdD5Tp9NJg2IgploHY4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A725 0
20 B 141ms
140ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10345969966205717284&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A725 89 KB
31 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 18:20:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame A725 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:24:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame A725 20 KB
8 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A725 0
0 49ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrOiUHd45yrrsNWIgEb5nI3HM1YzBuCybJ27H0FNZavI_BFiGxhfkPpUa0GDTDpPLfKbuw4sMFzc4Mszt8pxSWqEsAVw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A725 182 KB
57 KB 54ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 18:20:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EBE8 624 B
242 B 81ms
80ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKX79PUBMAE&v=APEucNUM1GON-jnbDCwvE71V-s2NBfEfGnLwDmMZ8qryYSMR4YMo-sZvcbHNuhT6Eak6ZaLBT8KcKF3h5506-IocKieYVJYNfhs56eZ62nj-P8UIanJFR6vx5ekoKkakVPBaPhfVMRV6hOrHqJWQOQjbE5UbHjH98FpdLnLT3lICe1uAn9oD8SE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 18:20:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EBE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1&C=1

43 B
768 B

56ms
56ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKX79PUBMAE&v=APEucNUM1GON-jnbDCwvE71V-s2NBfEfGnLwDmMZ8qryYSMR4YMo-sZvcbHNuhT6Eak6ZaLBT8KcKF3h5506-IocKieYVJYNfhs56eZ62nj-P8UIanJFR6vx5ekoKkakVPBaPhfVMRV6hOrHqJWQOQjbE5UbHjH98FpdLnLT3lICe1uAn9oD8SE
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1QuhgoMGbxvsESXYkiX8m11oc3WW3dwc9fXv7W7vRbJfWox4d4Yud2jSHoxDdfWgw1xOfEjZY7O8x8nIbYKoTIOsVprh8avPdS6EUZl%2BWNzVtzZpGIlmq7%2BYKLxQW3sYTz13h%2BPJeRm1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072e1e3ddd06921-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlGfnnJbUkGayJK0Kt71uGZZwiDEe8bv07X266DkQAAoWeCILgUf0ryMtp4e9Vw31DV1LUcAxj2vaX3QRJZMuv4D%2BKF10iE273wNeCaCVgsh42Xwvs%2FOdnLKI0nOE4cmkUttnKD1Es5KDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8072e1e31dcc5c8c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EBE8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQSgXG439z1x5u8jszBAKQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1

43 B
733 B

60ms
60ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKX79PUBMAE&v=APEucNUM1GON-jnbDCwvE71V-s2NBfEfGnLwDmMZ8qryYSMR4YMo-sZvcbHNuhT6Eak6ZaLBT8KcKF3h5506-IocKieYVJYNfhs56eZ62nj-P8UIanJFR6vx5ekoKkakVPBaPhfVMRV6hOrHqJWQOQjbE5UbHjH98FpdLnLT3lICe1uAn9oD8SE
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HA0F12BnRXEDMy9nGzIg%2BS5EatVbYimovwAHDWDnvjK6nythnecazgWV72YWZ1feF6eVxSDKuTP7Yn2pxcOw1SSvRfO8kLRu7sq8Ac%2FwOiSjlFvnoi3W%2B0yQ9WGRPhDBdoE2jTkN8%2FBVfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8072e1e42e456921-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJdluOZqfVqBWY6qc53inBw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame EBE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELw9oYGPeuFbCiZZUgJQN2Q&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw9oYGPeuFbCiZZUgJQN2Q%26google_cver%3D1

43 B
895 B

48ms
47ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw9oYGPeuFbCiZZUgJQN2Q%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGKX79PUBMAE&v=APEucNUM1GON-jnbDCwvE71V-s2NBfEfGnLwDmMZ8qryYSMR4YMo-sZvcbHNuhT6Eak6ZaLBT8KcKF3h5506-IocKieYVJYNfhs56eZ62nj-P8UIanJFR6vx5ekoKkakVPBaPhfVMRV6hOrHqJWQOQjbE5UbHjH98FpdLnLT3lICe1uAn9oD8SE

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
an-x-request-uuid: eafa4b05-0b71-4ed7-b7d9-5c58d7c6371d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.100; 80.255.7.100; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
an-x-request-uuid: ec58bb84-e1a3-445a-935c-cceb8e80389a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELw9oYGPeuFbCiZZUgJQN2Q%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EBE8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzQ5NTg0NDQxMjEyNDQxMA%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzQ5NTg0NDQxMjEyNDQxMA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
an-x-request-uuid: c5013b33-84ad-4531-b0d6-d43b2f96fc8e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE3MzQ5NTg0NDQxMjEyNDQxMA%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 665E 42 B
64 B 147ms
146ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxFSNybS7rXdKroCPRhJULXEing8JISnGjpdTxdy96_9WXToBU-1qyu97jBSbejMaB6WnirbZ9vAtpgtc6aeHAcgZJJf5b7KpW8aNFHzHIDtdzVM24ozAWIScjw9jnUns_eRo49ZCJrPK0&sai=AMfl-YSpcvGDTEOWHdYvSIQNY-rch0aT23axVyb0HBtj6ooSsAJCyCzh3ahYI9yudn4AfK7NrManFkGAwibm&sig=Cg0ArKJSzMErdgFmC6jxEAE&cid=CAQSGwBpAlJWbdhe5RchYy70NV9JD8ob8qaQMJIY5BgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,63,279,557%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2169%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D202%26dur%3D61098%26vmtime%3D2179%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2169%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D584396588%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1694802010282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F977 42 B
64 B 151ms
148ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsJEGx8OdGRMATFvqw7QXws1BsMEPj6iObulmkPIMARo5XqlDLI-IEifJBimQKbpHqoBT4dXIIiIMHjQtKOXVp7T7O9IHKWZqMa9VUX_0Mm4P4KyFiAWVZo11OHbRbJ8yYKKdAOVwz-kEB&sai=AMfl-YSWfO6SooGrIbAlkL8F9Aph8leTAgPa3flyrPWoIcJP2a9r6sOyqg3w5RK-iWz2bDUgG8uqROMOCMCv&sig=Cg0ArKJSzGCC_SPZ7-KcEAE&cid=CAQSGwBpAlJWxo_VzJZwAw7z1iaVqKDe0fWXSrjZ2hgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,254,273,727%26tos%3D2004,0,0,0,0%26mtos%3D2004,2004,2004,2004,2004%26amtos%3D0,0,0,0,0%26mcvt%3D2004%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D201%26dur%3D61098%26vmtime%3D2171%26dtos%3D2004%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2165%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D913247454%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2004&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1694802010300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A725 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7706426928570&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A725 0
20 B 140ms
139ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7706426928570&version=m202309120101&ct=76&x=1&cor=10345969966205716000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A725 107 KB
41 KB 97ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKusL5IhJW1HhT9l7GHXL1empTjEmo_M4EeEC8HahZgNA1taGc8M85uHlPLSB701luNSNFsY7A_bRG3R3OZacRFz-gCD8b5OcTElx4XAPKZpCL98-E4PbzeGepjG0ygV19-5jYRVUiS1BXuOPbJQ4Z7nB1JTFsFIYao_Mc0PT_Ejntrck&dbm_d=AKAmf-Aaf1guuUqKF0BBTrDjZtjZZWus_iZdXXhCOJjYhqhMyxawP7KKn0BVqIz_9ElPTCdPJ8gsDx71WxBVtT8Jt9oyny4GdEnh1zMcS-5IqPsCXDZSzKtIgPrzfD5PO1D6QFELdoIV4eZr61FlcLqb9DMt8kG7BLvRNgSrtcKPH6B1cSN8MoYG1lh3XNaU9if9bP0PoaxLcdikK1qFpauMN-AIws_c3KzTqZQI6rV-YaTSaxHbhvBmeZ0479GMh_tyh12UPf4g5uOlR-6vE0Y9LM0_Gfd1EgEPrI2P29v5uaVfqXq3FXhfzJhd7Vdm1VOPyOKMkSgiI9JMfCw7VFDi2Vg5jSuk0YxeY4QDtU6hccsLZdvl-1ODh7fEtwIq_-AQysTtdhwToNL3H7rAeXRXQpbKlH7GWTzCZrmiK1P_USNTPGsw-CHEaTnYGnjRmouQvoW06k5y-0gNx2WyliStqp3BytUIZEgySB2j6F-vCQjj1FH7lMvjnZZmStnn-IBWXuFku2TL84Dp6-NZKuDLJtmjv_IkMfHFIoRKVyY5UUfMr6iFl81F2pvKBewqJ2XtK4lMx_YGtQHp7RNWLl1nQ1SLwoonutxTZsfohw7Kp1zmOW5Yf6GV_6Kfrnvh7KG5NWdkc0Ua8g-uSoaHGU6yRdA4v65PdjgW3_pM8vMQiUxnzKYPm0JJ-44cvC8tKG_FubROFvo26xxbgU9yeoIvbw1a6z1JJQOap4eW9szNViHKCD9xYoGt6ESpPmAGd6AbJWvBsU3sGWIXVpYy-cdn5O72PzTRk65FA3BT41x_e8Y8z-fc5mD7ZIOf26ygTTcXqtohd9lQf2VnqOfC_fnJFXMgiJFDvaulS6BMI5-JK9wknEgY8LrpCkUs5u2GT9h-bo9e9rmbvKgrLcqEvMQocIxC7j5EC4eIx8I-Bpr2S1ABgCQzeU9UFcOpKIsRuaWPyxS87vKwBqpvhI4-LXrGueaWmOyrgJBLay9wV9pU1DZah0yj48SsHlF7yHsVdNU-fBznHCV4hCnAYfcdYDgzypfu68Trwe0XgbacW_P5lI8PUIfZTqc-SryT85M9O72G1C8LwBGAr5xWGZkbZ3TuolbtPFiwmHhI-R1eQQHSyJpo2dqybi_3HGjMi1zGKN36oJH0qJJKmS3YE27UinIrdcthtwGlnfjMIlGo_ABbDwOVzcl6_cUydIpFg2MHc_vqNxwoJA4I-qt_smS9NwTglumix8Nt-ig8Ky0Eg_HbCn6wOzcpcgckuvA-vMpS_YHZGTAf8-DgzSqzPUoJAum_vfiPNDcQYPLqGJwDjeKGWWNW_Qm4mmXinxEHdusHdXI22G8DcDoISU0xIVOKOMfRCBSy9tLoG4q1AOYWyl1bAA1VZMMEGG4vpEKuC0B2YJj-9EGWMKtS93ldAeGSfez2BqERyt2bNM_fw55hNIgNAcJGjZ76yhEU02yaie_TtS_SyAvfsySU1GuMJbrHL_xhsMQa-NUegxmZXkIpNvaK9JCWz3blU_IPYE3OtP1AIix6SXguFsRQ0kzYIwNqymZWclGw3D3IsbJBurvUGAzkLzJZWgCpPKjztTJpzwnS4EBe0Yvqi6Mw_tzrnNDj4nls5Q13ylimv3u04nOcbBRpfJyL0q6J6WV2UEk9cbSDokhivAMwQ3Vgycpv_sge8XG8xRJen0Emb0kzRAO6AN3vdzNdT-TW_83nKhvNCPhNFV9uP8Ga7HLU5ULH-scbDx5zhUQV6svbtvAjg2yf7IypqqQRBNAovfx_EzTg5HssN6flQMYz9HAj3VuvEOmY4ywkPeNu6MujAd-ijvKYoOWpARvWiaV5SbD3CjeN1sZmiMzYjuEVdwpZgkdM5gjzAzf8FMnlxuT2TDQXzIFUB4FhyzNZAGY-DnQFe32vdbZ04ggn5N3SXMA_74P8Yq-D1FX4SWQWoU-MjD0zCpJvrlGyseI8O-bGtxebwDmdc8XDjVdEayWVRNkt1TY689U1y-M0Jl6EsaTVqRNofEDPas7xdCMn5fu7o8D9mg7TBtAjTzc2gxr11rKfcyfyCCZS4mNgTZdP9J0tCtYyNKmyKtdQunhIBjm7jD-uMGui6xzkx0zdIjHYBJWYD9aMtyx29tOzKq6TBgY1MZt8lm9Q-mWgABZ3sWMxg9Ml8SLX8z2rr9jS9lq_1xU0qMIejIgCWz8peqy7VND5Jf7ogrRi8QtuxRbBihp4aDwLwMrxDXlu1WSpSKDdEjZyuX9kcAabZN1uDdsO4MtC3ZBQfuX15wqFg9pdTDJS3Bpvb1lPl8AZRTQACJltLooxPZgQzZHNm7UEug-R-5_GcrCneQROy34GBMTvwK9gRYQ9BKRSMsYgS1N0L5nGhRyr4Z4cWA2U0V8_UG_9g2B-Iw4QaoVyxt5rXr3ud75qtZGDMdBTgW6AsAjLsQPCgA097N1nsaqH3bqpvzJ4Q0zuqIKAW73v99EjTUybEsj_K040yPrSMurN4tDVxJr1EwMgF5NVW9oX8PcQM1_oe1wA9ChCD8rz5qCIKr4L-zI7OmBkf6oOqZvza4p1jVKbDe2-_ttuqniCIQixj78mRrWz51GUwE53nyC-6nAr-YxD3eJPA3fg0iOZI2sfk-0USPMWO5VhN24bEBtfK1Ss_Sua7LxYtD3aNgdDlvZ27ACDseIDa3_S6rLhMXUkwsD_4iSWEGSh8BJnQdiev0rC4acAJeRORLkwMsmwTgU1iCIe3qdojnr0ekHjxbbx8SMmT24885qXNIPq0Nq2s02dJqaze0UHMNvMje2oFQc2tAaZKgO43lWdoJnSCnlwLlrXV0Rikpe-2TCaItS8S9RuCTxtrlkV3-y4ZoMKlCZZ_ONmEsA2nszKV9Aa_Hd8RBSbpJMnG6_S4TyBtvyImxK_QVbP4BpNXo0U40UkqRi8ULbqdRsLPm-gebHF2VbalhuOHCyNduvNcfOE6CEwEPf4jjM5QQ_dJ5FSTkx-eWkCYa8zFaESSoIMgb5wj296HZW6_Rg8DfGsFVHZpgZcuYbAv_uvW-xv4GJRARfViMTQ86_6LC_28cayKkCzzbDO51xwmNeuuJ30cmdziiVeRE4vIIqvq1MQleIIEn6ykF7zeRD7EjOyXjRSD5kZ1GJM4IlsccNId56l2fFJtHaas8xRech7LQ_cziMT2g_qUNgVjbnJZTX80cEmrRdCk-Ow8Fv4L7gcvYY3WHcLn4wx28NnSnqfUKoY_0z-NPKmDYFg_Q_Zr6uk0da4JUhEbH9DTembcpzb3z4xuwqFoQt7694ALzwauE1dhSrAWJV2CC48F5v83EVv1T9apVeHu44T3CWkZO0wT3ODqIdoeN4AVih0Qq7GdH5L5R-QkMN8BGMA2opedHzA-0Hmediqtj9u0RIFSp1nLiH6voosdoNfSD_XO3MWpFJNIeiB4lczZHsXALYQuRalIfntC7NEepVpfyfCviQTslEehUz4BeSSr4387BSdOlZR8v20qTJ8_LKiu_xdYm3xZqJ_Dn-c9oqzklOlP8LTGV3_0AAx_6vdjYFfVc2LD2FLgH0tQwBCAQx_EjAtSNo4kPnN8h0TM5O5su5PRZUNkuAyfVjfR5gytb0idqPXJ6Z3rAZF9cKQqkxrcwxcwDyVA82pN8z203HnL8SH4Pa8DrAFf3upRMlgnAOaxGIC3G8t5ybFzMgLUdib1QLrH7j5sW8kfkOoezT8mdVTEfiGepSnrscxdot87RGmv7ycVK9FS_G4BuP5C9gHgSe_vSwvZbZ27t9ovobZHAOaF21DazFcqrYUQwlP8Ch_8woXycfcCFIiKH7nJhnuTEZ4UFm6lVnRvJR8AmzqSu7_Q2ngvjqUl8MgvyajZKemoTpbyKlvFWrM6Nkg_gfOIJoKltwP8KOTDfFDSpN1KTr6UhsyOZ8vHOeBCkOys3EeZ6SfWQ&cid=CAQSPABpAlJWLmduuwffzkysiXytvoi8owXnpUxRQU8z8hqCxbKx8SXy0-C_xUPe5JjUohuj_zZtlk65xTwIYhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsazi.online%2F&ds=l&xdt=1&iif=1&cor=10345969966205716000&adk=2086295851&idt=138&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b8178067c76bd8be513984d20c0de361926df19c8ebaf292c2815c8b48f656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41472
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1263498494&t=event&_s=2&dl=https%3A%2F%2Fsazi.online%2F&ul=en-us&de=UTF-8&dt=Sazi.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=sazi.online&cs=Balloon&cm=&cc=&ec=sazi.online&ea=Balloon&el=google-ads&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=211662011.1694802007&tid=UA-206083988-2&_gid=596744849.1694802008&z=1742371136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 09:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31164
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6X02JH402Y&gtm=45je39d0&_p=1263498494&cid=211662011.1694802007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1694802007&sct=1&seg=0&dl=https%3A%2F%2Fsazi.online%2F&dt=Sazi.Online&en=impression&_ee=1&ep.event_category=Ad%20Inserter%20Pro&ep.event_action=impression&ep.event_label=5%20-%20Adsense%20xuyen%20trang&ep.non_interaction=true&_et=2033
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6X02JH402Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1653353/74212597/ Frame A725 46 KB
12 KB 230ms
65ms Script
application/javascript 52.49.226.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1653353/74212597/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014092394&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20544378887&bidurl=https://sazi.online/&ias_dealId=&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iM571-lH9Z4SSfgkr7Lz2b
Requested by: Host: sazi.online
URL: https://sazi.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.226.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-226-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a097171f7fc447f71a308935b9efeb402e08f1c0473731b9c4a1c03dacddb35b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A725 111 KB
39 KB 147ms
39ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 18:19:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame A725 11 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKusL5IhJW1HhT9l7GHXL1empTjEmo_M4EeEC8HahZgNA1taGc8M85uHlPLSB701luNSNFsY7A_bRG3R3OZacRFz-gCD8b5OcTElx4XAPKZpCL98-E4PbzeGepjG0ygV19-5jYRVUiS1BXuOPbJQ4Z7nB1JTFsFIYao_Mc0PT_Ejntrck&dbm_d=AKAmf-Aaf1guuUqKF0BBTrDjZtjZZWus_iZdXXhCOJjYhqhMyxawP7KKn0BVqIz_9ElPTCdPJ8gsDx71WxBVtT8Jt9oyny4GdEnh1zMcS-5IqPsCXDZSzKtIgPrzfD5PO1D6QFELdoIV4eZr61FlcLqb9DMt8kG7BLvRNgSrtcKPH6B1cSN8MoYG1lh3XNaU9if9bP0PoaxLcdikK1qFpauMN-AIws_c3KzTqZQI6rV-YaTSaxHbhvBmeZ0479GMh_tyh12UPf4g5uOlR-6vE0Y9LM0_Gfd1EgEPrI2P29v5uaVfqXq3FXhfzJhd7Vdm1VOPyOKMkSgiI9JMfCw7VFDi2Vg5jSuk0YxeY4QDtU6hccsLZdvl-1ODh7fEtwIq_-AQysTtdhwToNL3H7rAeXRXQpbKlH7GWTzCZrmiK1P_USNTPGsw-CHEaTnYGnjRmouQvoW06k5y-0gNx2WyliStqp3BytUIZEgySB2j6F-vCQjj1FH7lMvjnZZmStnn-IBWXuFku2TL84Dp6-NZKuDLJtmjv_IkMfHFIoRKVyY5UUfMr6iFl81F2pvKBewqJ2XtK4lMx_YGtQHp7RNWLl1nQ1SLwoonutxTZsfohw7Kp1zmOW5Yf6GV_6Kfrnvh7KG5NWdkc0Ua8g-uSoaHGU6yRdA4v65PdjgW3_pM8vMQiUxnzKYPm0JJ-44cvC8tKG_FubROFvo26xxbgU9yeoIvbw1a6z1JJQOap4eW9szNViHKCD9xYoGt6ESpPmAGd6AbJWvBsU3sGWIXVpYy-cdn5O72PzTRk65FA3BT41x_e8Y8z-fc5mD7ZIOf26ygTTcXqtohd9lQf2VnqOfC_fnJFXMgiJFDvaulS6BMI5-JK9wknEgY8LrpCkUs5u2GT9h-bo9e9rmbvKgrLcqEvMQocIxC7j5EC4eIx8I-Bpr2S1ABgCQzeU9UFcOpKIsRuaWPyxS87vKwBqpvhI4-LXrGueaWmOyrgJBLay9wV9pU1DZah0yj48SsHlF7yHsVdNU-fBznHCV4hCnAYfcdYDgzypfu68Trwe0XgbacW_P5lI8PUIfZTqc-SryT85M9O72G1C8LwBGAr5xWGZkbZ3TuolbtPFiwmHhI-R1eQQHSyJpo2dqybi_3HGjMi1zGKN36oJH0qJJKmS3YE27UinIrdcthtwGlnfjMIlGo_ABbDwOVzcl6_cUydIpFg2MHc_vqNxwoJA4I-qt_smS9NwTglumix8Nt-ig8Ky0Eg_HbCn6wOzcpcgckuvA-vMpS_YHZGTAf8-DgzSqzPUoJAum_vfiPNDcQYPLqGJwDjeKGWWNW_Qm4mmXinxEHdusHdXI22G8DcDoISU0xIVOKOMfRCBSy9tLoG4q1AOYWyl1bAA1VZMMEGG4vpEKuC0B2YJj-9EGWMKtS93ldAeGSfez2BqERyt2bNM_fw55hNIgNAcJGjZ76yhEU02yaie_TtS_SyAvfsySU1GuMJbrHL_xhsMQa-NUegxmZXkIpNvaK9JCWz3blU_IPYE3OtP1AIix6SXguFsRQ0kzYIwNqymZWclGw3D3IsbJBurvUGAzkLzJZWgCpPKjztTJpzwnS4EBe0Yvqi6Mw_tzrnNDj4nls5Q13ylimv3u04nOcbBRpfJyL0q6J6WV2UEk9cbSDokhivAMwQ3Vgycpv_sge8XG8xRJen0Emb0kzRAO6AN3vdzNdT-TW_83nKhvNCPhNFV9uP8Ga7HLU5ULH-scbDx5zhUQV6svbtvAjg2yf7IypqqQRBNAovfx_EzTg5HssN6flQMYz9HAj3VuvEOmY4ywkPeNu6MujAd-ijvKYoOWpARvWiaV5SbD3CjeN1sZmiMzYjuEVdwpZgkdM5gjzAzf8FMnlxuT2TDQXzIFUB4FhyzNZAGY-DnQFe32vdbZ04ggn5N3SXMA_74P8Yq-D1FX4SWQWoU-MjD0zCpJvrlGyseI8O-bGtxebwDmdc8XDjVdEayWVRNkt1TY689U1y-M0Jl6EsaTVqRNofEDPas7xdCMn5fu7o8D9mg7TBtAjTzc2gxr11rKfcyfyCCZS4mNgTZdP9J0tCtYyNKmyKtdQunhIBjm7jD-uMGui6xzkx0zdIjHYBJWYD9aMtyx29tOzKq6TBgY1MZt8lm9Q-mWgABZ3sWMxg9Ml8SLX8z2rr9jS9lq_1xU0qMIejIgCWz8peqy7VND5Jf7ogrRi8QtuxRbBihp4aDwLwMrxDXlu1WSpSKDdEjZyuX9kcAabZN1uDdsO4MtC3ZBQfuX15wqFg9pdTDJS3Bpvb1lPl8AZRTQACJltLooxPZgQzZHNm7UEug-R-5_GcrCneQROy34GBMTvwK9gRYQ9BKRSMsYgS1N0L5nGhRyr4Z4cWA2U0V8_UG_9g2B-Iw4QaoVyxt5rXr3ud75qtZGDMdBTgW6AsAjLsQPCgA097N1nsaqH3bqpvzJ4Q0zuqIKAW73v99EjTUybEsj_K040yPrSMurN4tDVxJr1EwMgF5NVW9oX8PcQM1_oe1wA9ChCD8rz5qCIKr4L-zI7OmBkf6oOqZvza4p1jVKbDe2-_ttuqniCIQixj78mRrWz51GUwE53nyC-6nAr-YxD3eJPA3fg0iOZI2sfk-0USPMWO5VhN24bEBtfK1Ss_Sua7LxYtD3aNgdDlvZ27ACDseIDa3_S6rLhMXUkwsD_4iSWEGSh8BJnQdiev0rC4acAJeRORLkwMsmwTgU1iCIe3qdojnr0ekHjxbbx8SMmT24885qXNIPq0Nq2s02dJqaze0UHMNvMje2oFQc2tAaZKgO43lWdoJnSCnlwLlrXV0Rikpe-2TCaItS8S9RuCTxtrlkV3-y4ZoMKlCZZ_ONmEsA2nszKV9Aa_Hd8RBSbpJMnG6_S4TyBtvyImxK_QVbP4BpNXo0U40UkqRi8ULbqdRsLPm-gebHF2VbalhuOHCyNduvNcfOE6CEwEPf4jjM5QQ_dJ5FSTkx-eWkCYa8zFaESSoIMgb5wj296HZW6_Rg8DfGsFVHZpgZcuYbAv_uvW-xv4GJRARfViMTQ86_6LC_28cayKkCzzbDO51xwmNeuuJ30cmdziiVeRE4vIIqvq1MQleIIEn6ykF7zeRD7EjOyXjRSD5kZ1GJM4IlsccNId56l2fFJtHaas8xRech7LQ_cziMT2g_qUNgVjbnJZTX80cEmrRdCk-Ow8Fv4L7gcvYY3WHcLn4wx28NnSnqfUKoY_0z-NPKmDYFg_Q_Zr6uk0da4JUhEbH9DTembcpzb3z4xuwqFoQt7694ALzwauE1dhSrAWJV2CC48F5v83EVv1T9apVeHu44T3CWkZO0wT3ODqIdoeN4AVih0Qq7GdH5L5R-QkMN8BGMA2opedHzA-0Hmediqtj9u0RIFSp1nLiH6voosdoNfSD_XO3MWpFJNIeiB4lczZHsXALYQuRalIfntC7NEepVpfyfCviQTslEehUz4BeSSr4387BSdOlZR8v20qTJ8_LKiu_xdYm3xZqJ_Dn-c9oqzklOlP8LTGV3_0AAx_6vdjYFfVc2LD2FLgH0tQwBCAQx_EjAtSNo4kPnN8h0TM5O5su5PRZUNkuAyfVjfR5gytb0idqPXJ6Z3rAZF9cKQqkxrcwxcwDyVA82pN8z203HnL8SH4Pa8DrAFf3upRMlgnAOaxGIC3G8t5ybFzMgLUdib1QLrH7j5sW8kfkOoezT8mdVTEfiGepSnrscxdot87RGmv7ycVK9FS_G4BuP5C9gHgSe_vSwvZbZ27t9ovobZHAOaF21DazFcqrYUQwlP8Ch_8woXycfcCFIiKH7nJhnuTEZ4UFm6lVnRvJR8AmzqSu7_Q2ngvjqUl8MgvyajZKemoTpbyKlvFWrM6Nkg_gfOIJoKltwP8KOTDfFDSpN1KTr6UhsyOZ8vHOeBCkOys3EeZ6SfWQ&cid=CAQSPABpAlJWLmduuwffzkysiXytvoi8owXnpUxRQU8z8hqCxbKx8SXy0-C_xUPe5JjUohuj_zZtlk65xTwIYhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsazi.online%2F&ds=l&xdt=1&iif=1&cor=10345969966205716000&adk=2086295851&idt=138&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 20:57:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame A725 30 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:04:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A725 41 KB
13 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 60B9 1 KB
643 B 47ms
39ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 19:46:49 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 19:46:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A725 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8ec1d911d1672bce77437eb88bc330b595356a87b033e89838cf8d86dc5a7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CDAF 22 KB
8 KB 43ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:57:35 GMT
expires: Thu, 12 Sep 2024 21:57:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 60B9 35 B
463 B 152ms
31ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMtqXgPHv7GubqJmLTBj3O0&google_cver=1&google_push=AXcoOmSRC4SM9sgoOpqv9w5ihSITKzvh6FFlg5vHQPkk454CsagZs4a8jzxpsGdJJQhUNleejMo5iq62Bg-__nkhqcihMPb-J5NehQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 60B9
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO9GWs-0QCVp6n6iFoKATJw&google_cver=1&google_push=AXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9x...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO9GWs-0QCVp6n6iFoKATJw&google_cver=1&google_push=AXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS...

43 B
426 B

241ms
213ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO9GWs-0QCVp6n6iFoKATJw&google_cver=1&google_push=AXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8072e1e62ab6bbe6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 15
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO9GWs-0QCVp6n6iFoKATJw&google_cver=1&google_push=AXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRR77cFv6-k8NqDvh_zCVGD9Vg62gZmePWr9tGVWgfR0eUTK0X_Q6iIEsqZmsJjzrDdTYtuB83MLviqjASXtr59tPWyRHS9xw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8072e1e4a898bbe6-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60B9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELkt_Poss-s0ooL-BDyP1iY&google_cver=1&google_push=AXcoOmQJzctFtSndKcTrSSBXernDoWFKc-26CdzRCn0Lj8oDZLjzVIYQCmIZwY8Qqboiz-gCQUArjlXOd2cMdoYveBkzvLLpYLKtqQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F548ADE7ACBC4100B3B9708B9744FA41&google_push=AXcoOmQJzctFtSndKcTrSSBXernDoWFKc-26CdzRCn0Lj8oDZLjzVIYQCmIZwY8Qqboiz-gCQUArjlXOd2cMdoY...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F548ADE7ACBC4100B3B9708B9744FA41&google_push=AXcoOmQJzctFtSndKcTrSSBXernDoWFKc-26CdzRCn0Lj8oDZLjzVIYQCmIZwY8Qqboiz-gCQUArjlXOd2cMdoYveBkzvLLpYLKtqQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Sep 2023 18:20:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F548ADE7ACBC4100B3B9708B9744FA41&google_push=AXcoOmQJzctFtSndKcTrSSBXernDoWFKc-26CdzRCn0Lj8oDZLjzVIYQCmIZwY8Qqboiz-gCQUArjlXOd2cMdoYveBkzvLLpYLKtqQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 14 Sep 2023 18:20:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60B9
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQgjf6F...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQgjf6F...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA5MTUxODIwMTMwMDAxMDYyNzcxMDY0MQ%3D%3D&google_push=AXcoOmQgjf6FHeP-0-SToAMZ2kKYNUlhpT5D2TX3Cs1MT_WQVWwQh5k4JguMLBwzIQxdjU...

170 B
188 B

52ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA5MTUxODIwMTMwMDAxMDYyNzcxMDY0MQ%3D%3D&google_push=AXcoOmQgjf6FHeP-0-SToAMZ2kKYNUlhpT5D2TX3Cs1MT_WQVWwQh5k4JguMLBwzIQxdjUqufeKefPenWeGh_3dNQxYRux5nJ79VPNI

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA5MTUxODIwMTMwMDAxMDYyNzcxMDY0MQ%3D%3D&google_push=AXcoOmQgjf6FHeP-0-SToAMZ2kKYNUlhpT5D2TX3Cs1MT_WQVWwQh5k4JguMLBwzIQxdjUqufeKefPenWeGh_3dNQxYRux5nJ79VPNI
pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 15 Sep 2023 18:20:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60B9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIEzGNGAJeUZ3dUIK_QwtHA&google_cver=1&google_push=AXcoOmTmoif7WHDy9j3vTH5fkYdLIfXCOgPqDR11MQUo3OYLB5Tl24gkepXi8EgHcCtOFbmlSPiRzi2akp6Iia51PzFwHQy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmoif7WHDy9j3vTH5fkYdLIfXCOgPqDR11MQUo3OYLB5Tl24gkepXi8EgHcCtOFbmlSPiRzi2akp6Iia51PzFwHQyoxRCLOQ&google_hm=eS1ZbmE3N3haRTJwRnR6...

170 B
188 B

59ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmoif7WHDy9j3vTH5fkYdLIfXCOgPqDR11MQUo3OYLB5Tl24gkepXi8EgHcCtOFbmlSPiRzi2akp6Iia51PzFwHQyoxRCLOQ&google_hm=eS1ZbmE3N3haRTJwRnR6RzBUaEpQdF9JcFB3X3hhd3NXQn5B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Sep 2023 18:20:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmoif7WHDy9j3vTH5fkYdLIfXCOgPqDR11MQUo3OYLB5Tl24gkepXi8EgHcCtOFbmlSPiRzi2akp6Iia51PzFwHQyoxRCLOQ&google_hm=eS1ZbmE3N3haRTJwRnR6RzBUaEpQdF9JcFB3X3hhd3NXQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60B9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOfoWRP6BFGrXGzpEo_jjLY&google_cver=1&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOfoWRP6BFGrXGzpEo_jjLY&google_cver=1&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTk0MjY2NzQwNDIwMDkx&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AA...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTk0MjY2NzQwNDIwMDkx&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AAnFbdw9M_4RY7Xh8aCChsQo4

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNTk0MjY2NzQwNDIwMDkx&google_push=AXcoOmQ0fkaT5nG52JCr-_34eFTcWBfjeJSIQA9ABg2tBjqP_-heLQTFU9x9jcLcWgigksKIGJp-4_AAnFbdw9M_4RY7Xh8aCChsQo4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60B9
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEX_IMai6oG38uDfrnAwRbA&google_cver=1&google_push=AXcoOmRvZ1gbLqTBdZzz2H-VAm0kjvVURy4uw8U7JH_d4MtW_gsgl_0j0cNaHzjsVS...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRvZ1gbLqTBdZzz2H-VAm0kjvVURy4uw8U7JH_d4MtW_gsgl_0j0cNaHzjsVS-YnRmUzF7Ra8vCSSoSkBiV7AIrpj5oNBXzqJEZ&google_hm...

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRvZ1gbLqTBdZzz2H-VAm0kjvVURy4uw8U7JH_d4MtW_gsgl_0j0cNaHzjsVS-YnRmUzF7Ra8vCSSoSkBiV7AIrpj5oNBXzqJEZ&google_hm=IgleCGzhSiKd3wpLxYmr_GQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:12 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRvZ1gbLqTBdZzz2H-VAm0kjvVURy4uw8U7JH_d4MtW_gsgl_0j0cNaHzjsVS-YnRmUzF7Ra8vCSSoSkBiV7AIrpj5oNBXzqJEZ&google_hm=IgleCGzhSiKd3wpLxYmr_GQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 60B9 0
12 B 49ms
47ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzmXro3cEacKbThcNj7i_SCphYI0745yTsuLPc5zKroGvsY7eFGhastc33vMuTRtS7vTjBVA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame CDAF 37 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 01:36:29 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 147 KB
23 KB 128ms
43ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d93dedf5c6c007e6fd2e250ab88fa3f581be797f16036263d5ebb2e3d049d17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 260412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24023
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 18:00:01 GMT
expires: Wed, 11 Sep 2024 18:00:01 GMT
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A725 0
0 173ms
89ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUqgod53NdifVkOyanLVV6TSMo_3YYngWsTixhpfH6exk-tydUMteSluXiQ8rn1YH352_5NOMCL2mKFptxEJEG-LAdbqsJtCf3b6DC-8eJyH-DfbINCu_RHXfaMzdaoTvIDVcASmv06RJN21DhCTxAIDLhwpJ4dStJALa2JhxIVSq3QyzOsrjGRDyaXgr9UjKb2acOODR1M-myL0x_4piuqFPuedmO7LnZ4EmqnmK2hjO6msHnl6OsJL-uz48SKOqLhs0FuAfr1YvAz2TG_aKMwktMs9VxlHBy2TMBtq3brOoinq6PR6z35CTm5b3eZGsm0ruOYRVpjO9jYen7Ovro-Oe7nSH7UEl-M5scKgXo7uZnh5wgt3Wxw-cDXwi-yaztS0Lab-fPA0jTNun6HaQ7viUxwN5pYKi5z1nwbE2J3CXwQKG5C6ro6O7MamPsD9FKbX94U5_B3Zt1IB4RHCZ1Fe7VxipFMvQ49SMiAFLl6bsKYPhIZw9qHgv2tHjx2g2zWz4uhfLNW9BA0hQopAUYwfLoVvrHZXKsFmVrJyTGB9do8ZpGLFD1uvXMOAF3pTCt0FGTtKJhjKMFns5l6-m02pwoUsfhBPhoHe758pDJI--D2YZDuNGCanASdckpqucepvWSsyAsFt60krHK-VrunmISIARsX7_SvI9srkkA90SLuTzOtEYQ-23RVPXXlT5haUcjk0ZBo1nce-vm-40RypIF0R-Hw3Rls8128-BixLszSojT6JjMCU7GApxg2QyzbNx27MYFi0u85U2q7PaEAbHWkFhznVXwcgbd4xq5qJJweomZkGeS-yZOGwftomN65Uda0DK-OB-nbRUfHn8HpI3PdwegYjmEg1NcneQX2kNyXpbFbBWx0qEYTnYwHznZx9DscPpBXfEH65HoU7csId20noINqtXhgXFK8IM6Vq-kTpDtkQmD3xOQfMvnXspgfkYfPihGGpPRJ5Bk_Q7RpEaBkcPiqK6mrtf8x1O2uT911t-RQM-4_mgSOgY1y9dFnmHrCAx7MEgm_5yvnmTx5bQF2T2AU362DfeyilJ8VFl3fG2ppOgQhLiGagd9ig1eNQdlu7fMqlkosND01YKBfByhz8_ZJ-tCyqaLXY1fMINHq3TReLpM0pTQmzFX3JnMQFtK7uMV8Qxe3_Q0qnKy8aek6_zdflItm0s3juq0Dn96dNJlXo8Si5YbUxEjlPeNINLuXUR9SRAlqYixpB0wpKQ1CbO9zGXRqjHpHjESHa5ynnPGaGLPcN4EZgHhJOfqucnorQWX-bhvaperTJBLsD-Xqul3tSXFj5snM4A&sai=AMfl-YRWWwj7I3rObWw1OptrsdEsGdMQfeBI-JswnteijG7Js9diKZCvdo6AyEuaBY1A5F8qzSy9Zk_d6FwiUB22o_t5toMM1XWtr_nHVE5Ft7s8mGWpRb6daIgDtUi9PAH5y5fvNLiJmKkfLBX4a9-pz2HFn9ffan7hBWi_Cx3XQpAQkkbWiugHugzBw3DG4Rpv7S3klClUD7rBdMLRCkahz51n_4TWckVodMxyIGSjhtvCmOoxw9T19A5SCYVoqQUN58bClfU&sig=Cg0ArKJSzB5jY9Hg_z5wEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cstd=211&cisv=r20230913.62323&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 18:20:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 15 Sep 2023 18:20:13 GMT

GET
H2 200 93656
tags.bluekai.com/site/ Frame A725 62 B
574 B 492ms
200ms Image
image/gif 104.76.200.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D30618981&phint=crid%3D198090200&phint=pid%3D375322880
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-200-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 15 Sep 2023 18:20:13 GMT
content-length: 62
bk-server: ad02
content-type: image/gif

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame A725 207 KB
65 KB 283ms
47ms Script
application/javascript 2600:9000:21f3:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1653353/74212597/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014092394&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20544378887&bidurl=https://sazi.online/&ias_dealId=&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iM571-lH9Z4SSfgkr7Lz2b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 3213437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8dZhI9AfpP3wed6gB0nxg2kSuSjbfwFNG2Nr99p7BHYwkqJVoCePJQ==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDAF 0
20 B 159ms
158ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw0zEXKAEZZfEJO2b9u8P2OWagAkAAAAAOAHgBAI&bg=!NDelN3jNAAbP3fMH7907ADQBe5WfODDouVJb6dUvSetG82Nq7zzDNtwppe8vgPfMO3xHJwcjKUwUt9oVeAm2vF3pULKaAgAAAGdSAAAAB2gBB5kDHtskUS-Xcxf-JmG30QaBvqkLvDCtXqAcGnWgA3ZSUHbOdahWo_GAVfNl0lBbp2y24mzsMQaFpVSl5gtcvzjwjWF3xw9cB1CWMlepr_Eu2DmhITpJWh8RfIUHuv5aMySu0vcXPr3K2fs3QNM9Ydd1kyDcd_FicsvjuC0CUsMqHxFfeYZPuDk4SMiiYqwaeOTFnq6Y2HGXQVPrriK0IZENJrOvglLcDchOQXqAhwS5y_29S270ye_PMZRBhPPbEfUPVZrUvYecR3c-G32-RQouZUf5p8pSmXpMOR-pxJRI5VIwo36KD-pUOpA7RtsEFmUWHBK9sclzzld0OcShWtQhfrwQvQKxylZ2SNvWK_f7b216FhO-eBz3U9-htCWYDSqJXtVxaoLorWVPUUgKqckLlZS76nUHehlobf5e34TswCReZHg9wMcOCRvX2ZNkJAPzWqXIlu1h37s1UceLV5wCgki8SfKq_osyl48Ufpsh-uobuDfgy2Nw9DgagRmgOhknQ4ktOobRpcO-TvnpSPPFay0r9OMeePkJAomSOCwvJLHu5mfJztiurlWMDvuWHMhsnowSH7YJzu88ULHIbTnVXP_u715Stzo4kEXdGUXy3462AV0SNLbBz-dnkqc3EMYG7qWKl0skQkeEn2hOYjJQfUIXDOUEZPvO0T4DEcnLJllpRKihVhTlIG6csyNpfFC7bDk1kQKWNzTuqcOknn6NOS5oWCUaUXnm6LrGe5hIAHVmdw-0plgtnNGVhLEoL-dYz0fB4BkYMRtw4eUd7jIWpkwZR2eav_46vBd4J7DQKw1HkWi0-antmFH8whNd1a13XVXjMPPPpw4-1Rfy2ApunFY20KPf2nXHSXOvTaWbHc2HTCbOVEuHfJqt_WT48Yh15h5bXUJ3Zef9iSEGWPOlVc5ZV7P8jJ6_TtUI4R01PXCDOtBjLkKBerSHNOrhBtMUh68KHjzSNXXvCRosqiKTYMN7TjkAIu6YcOpFzvnF8cACVxR4afdOPo2zWAtut1BSiEWEpNWNSeIYC1eO-Ddn0mjtcJgNo4tHgJkLFQ9yzw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 06E6 32 KB
11 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 17:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 17:05:58 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A725 0
0 83ms
82ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUqgod53NdifVkOyanLVV6TSMo_3YYngWsTixhpfH6exk-tydUMteSluXiQ8rn1YH352_5NOMCL2mKFptxEJEG-LAdbqsJtCf3b6DC-8eJyH-DfbINCu_RHXfaMzdaoTvIDVcASmv06RJN21DhCTxAIDLhwpJ4dStJALa2JhxIVSq3QyzOsrjGRDyaXgr9UjKb2acOODR1M-myL0x_4piuqFPuedmO7LnZ4EmqnmK2hjO6msHnl6OsJL-uz48SKOqLhs0FuAfr1YvAz2TG_aKMwktMs9VxlHBy2TMBtq3brOoinq6PR6z35CTm5b3eZGsm0ruOYRVpjO9jYen7Ovro-Oe7nSH7UEl-M5scKgXo7uZnh5wgt3Wxw-cDXwi-yaztS0Lab-fPA0jTNun6HaQ7viUxwN5pYKi5z1nwbE2J3CXwQKG5C6ro6O7MamPsD9FKbX94U5_B3Zt1IB4RHCZ1Fe7VxipFMvQ49SMiAFLl6bsKYPhIZw9qHgv2tHjx2g2zWz4uhfLNW9BA0hQopAUYwfLoVvrHZXKsFmVrJyTGB9do8ZpGLFD1uvXMOAF3pTCt0FGTtKJhjKMFns5l6-m02pwoUsfhBPhoHe758pDJI--D2YZDuNGCanASdckpqucepvWSsyAsFt60krHK-VrunmISIARsX7_SvI9srkkA90SLuTzOtEYQ-23RVPXXlT5haUcjk0ZBo1nce-vm-40RypIF0R-Hw3Rls8128-BixLszSojT6JjMCU7GApxg2QyzbNx27MYFi0u85U2q7PaEAbHWkFhznVXwcgbd4xq5qJJweomZkGeS-yZOGwftomN65Uda0DK-OB-nbRUfHn8HpI3PdwegYjmEg1NcneQX2kNyXpbFbBWx0qEYTnYwHznZx9DscPpBXfEH65HoU7csId20noINqtXhgXFK8IM6Vq-kTpDtkQmD3xOQfMvnXspgfkYfPihGGpPRJ5Bk_Q7RpEaBkcPiqK6mrtf8x1O2uT911t-RQM-4_mgSOgY1y9dFnmHrCAx7MEgm_5yvnmTx5bQF2T2AU362DfeyilJ8VFl3fG2ppOgQhLiGagd9ig1eNQdlu7fMqlkosND01YKBfByhz8_ZJ-tCyqaLXY1fMINHq3TReLpM0pTQmzFX3JnMQFtK7uMV8Qxe3_Q0qnKy8aek6_zdflItm0s3juq0Dn96dNJlXo8Si5YbUxEjlPeNINLuXUR9SRAlqYixpB0wpKQ1CbO9zGXRqjHpHjESHa5ynnPGaGLPcN4EZgHhJOfqucnorQWX-bhvaperTJBLsD-Xqul3tSXFj5snM4A&sai=AMfl-YRWWwj7I3rObWw1OptrsdEsGdMQfeBI-JswnteijG7Js9diKZCvdo6AyEuaBY1A5F8qzSy9Zk_d6FwiUB22o_t5toMM1XWtr_nHVE5Ft7s8mGWpRb6daIgDtUi9PAH5y5fvNLiJmKkfLBX4a9-pz2HFn9ffan7hBWi_Cx3XQpAQkkbWiugHugzBw3DG4Rpv7S3klClUD7rBdMLRCkahz51n_4TWckVodMxyIGSjhtvCmOoxw9T19A5SCYVoqQUN58bClfU&sig=Cg0ArKJSzB5jY9Hg_z5wEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=562&vt=11&dtpt=347&dett=3&cstd=211&cisv=r20230913.62323&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: sazi.online
URL: https://sazi.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 18:20:13 GMT

GET
H3 200 MM_Logo.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 1 KB
1 KB 53ms
42ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/MM_Logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873e54bd02647b1c767055bdd2b745e97ec2ad24fc08f22ebc25eab672df5a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 SA_Logo.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 2 KB
2 KB 52ms
44ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/SA_Logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72c04fcc62c28e3a6ae3d7e03be51122ad7de1e505dfe5931367bbb041468d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1573
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 2 KB
2 KB 52ms
45ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e608058bdd72ec71ba0a9d12ceafacdce34f91bacc11e6ad3613225874b0dfe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1695
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 cta1.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 1 KB
1 KB 53ms
45ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/cta1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb68f14a51eaf080e9ce13fcbb9c2ad1896909e25a4dbb9ebefdd8345224ba48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1136
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 Prod1.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 6 KB
6 KB 52ms
46ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/Prod1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16460c737fa286e5fa803445ea1b3c1f2f7584712b31da900da383b8cbbec518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6177
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 Preis1.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 2 KB
2 KB 84ms
78ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/Preis1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8aa9f437a354cfeea95dc1ee204f570ec6199da75aae60066bec5eff4b4cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2002
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 Visual2.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 8 KB
8 KB 71ms
67ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/Visual2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1bbf269e5e674befc38ed59ba098785dc5d5fadfee8a6a051d2ce5ff8c57d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 Visual1.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 3 KB
3 KB 51ms
47ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/Visual1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd131d016824a2e05f371453b933759ba9ee5a858bcab5dd37bb70eef60c44f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2576
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 3 KB
3 KB 51ms
48ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/Visual.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff00caf521fe834b5946f7a8eac321e31d150c0b29f925b492c23edd470a5e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3317
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H3 200 Bild.jpg
s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/ Frame 06E6 21 KB
21 KB 57ms
54ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/Bild.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a63980faf23818471332e9485c4c84c7fc0a3efbe55dc1a3c8cb5571b028175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2521419136335326645/Medium%20Rectangle/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:00:01 GMT
x-content-type-options: nosniff
age: 260412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21943
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 11:20:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Sep 2024 18:00:01 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame A725
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1653353/74212597/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014092394&ias_pubId=pub-3619133031508264&ias_chanId=1&ias_placementId=20544378887&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=

17 B
465 B

40ms
40ms

Script
application/javascript

2600:9000:21f3:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Server: 2600:9000:21f3:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:47:57 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 11187137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: ZMGZjlAD5adbbFk-2lKAJOHaBZbMnrgX1-FPiNt4tdA1WwwEQKcHew==

Redirect headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&xsId=ABAjH0iM571-lH9Z4SSfgkr7Lz2b&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FDBA 91 KB
23 KB 45ms
45ms Script
application/javascript 2600:9000:21f3:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 8542825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 0-Fax9_lziduldJwcpk-MW8Xus5ndzrgVUZ6ufTKqIdzDNeXauBJbA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
215 B 605ms
191ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojrase,pingTime:-3,time:418,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:418,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,rmeas:1,rend:0,renddet:na,siq:390%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
216 B 602ms
190ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojrasg,pingTime:-6,time:420,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:420,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,rmeas:1,rend:0,renddet:na,siq:390%7D&tpiLookup=ao:sazi.online*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
215 B 599ms
192ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojrasm,pingTime:-2,time:426,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1042,beZ:1043,mfA:1413,cmA:1414,inA:1415,inZ:1419,prA:1419,prZ:1425,si:1431,poA:1432,poZ:1450,cmZ:1450,mfZ:1450,loA:1461,loZ:1463,ltA:1467,ltZ:1467,mdA:1043,mdZ:1378%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:388%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:426,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:390,sinceFw:35,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: nginx
x-server-name: dt29.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
215 B 259ms
191ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojraxO,pingTime:-10,time:764,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC42MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694802013743%7C%7C12ec8d13fe7f4b0c5c4ce99f0ebc1d81%7C%7C2e6de925b83fb1ba2705210ba8c28c4b%7C%7Cc67c86f0b2e552ac077c5ce4a155a355%7C%7C2f58598774cc9f0c4c87625041b93b4b%7C%7Cfaa6affe4df29cdb644d2216937664cc%7C%7C8739d5038f68550c362f8933472058e8%7C%7C40748cd8109b53600b0ee6308ede52d8%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&h=250&slotname=6364869509&adk=164948202&adf=299928974&pi=t.ma~as.6364869509&w=300&lmt=1694794806&format=300x250&url=https%3A%2F%2Fsazi.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694802011931&bpp=1&bdt=4936&idt=2&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05cbdbeda9ad33f-22cca89e72de00ff%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg&gpic=UID%3D00000d9337315ec5%3AT%3D1694802009%3ART%3D1694802009%3AS%3DALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw&prev_fmts=0x0%2C980x280%2C620x280&nras=2&correlator=2469268713378&frm=20&pv=1&ga_vid=211662011.1694802007&ga_sid=1694802009&ga_hid=1263498494&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44800659%2C31077705&oid=2&psts=AOrYGsnZjN4bgRy79I98Q6DP4h0W_i6RDnkQKZ5Gicpt5_8BmUb9dAxpEMlo5BMGs6BwaTqqtXwa8ggEkK_fTIWkKJyTd20%2CAOrYGsnlgETBZ6dI4SK40n29qJiRdTWXJ9r_plNHsrLG1sBSKVmNyF66Iwc7NqpnrWCvJpeUl6jwX8KurQfD91OF0HS2NkhV&pvsid=3469188166586444&tmod=482352261&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=eav9meEzQL&p=https%3A//sazi.online&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
server: nginx
x-server-name: dt30.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A725 42 B
64 B 155ms
154ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7kDtzs43LXBUBZSURa68VRZEuTWuJU2D4vnLU1433t7oPnqu20gsT6MqsuMvpbqaHByDjOkFuvtijX330t77dh0tJrwJ_3z0QugQ-HnNyYFs_UqFZ-Ut6hU-VzoSAMHDIg53pLKbGzhQh&sai=AMfl-YRJpYM2pkTafo77Z3gLyeIFtqiIBDfVcnmVJ7PdKO0MpVPXiweukrNTiNi6HriqCTpXqQuxRnSsS1Hfv4OzK16kPa7tzfbI_hub8A1nU3cWrLg24KuTv-jTocKq&sig=Cg0ArKJSzIuVFgp-Qw7uEAE&cid=CAQSPABpAlJWLmduuwffzkysiXytvoi8owXnpUxRQU8z8hqCxbKx8SXy0-C_xUPe5JjUohuj_zZtlk65xTwIYhgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=164948202&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694802011939&rpt=927&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
215 B 193ms
193ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojraFu,time:1240,type:e,im:%7Bpci:%7Btdr:831%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1240,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B865~0%5D,as:%5B865~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:786,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:390,sis:518%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:14 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PX3PZ6Q9RG&gtm=45je39d0&_p=1263498494&cid=211662011.1694802007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694802007&sct=1&seg=0&dl=https%3A%2F%2Fsazi.online%2F&dt=Sazi.Online&en=impression&_ee=1&ep.event_category=Ad%20Inserter%20Pro&ep.event_action=impression&ep.event_label=5%20-%20Adsense%20xuyen%20trang&ep.non_interaction=true&_et=2061
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sazi.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sazi.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A725 0
20 B 141ms
141ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7706426928570&version=m202309120101&ct=76&x=1&cor=10345969966205716000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
215 B 199ms
197ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojraYC,pingTime:1,time:2426,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:388%7D,%7Bpiv:100,vs:i,r:,t:1425%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1425,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,0~100%5D,as:%5B1051~300.250%5D%7D%7D,%7Bsl:i,t:1425,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:199,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:390,sis:518%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:15 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A725 43 B
215 B 193ms
192ms Image
image/gif 2600:1f13:800:7781:67c5:1d20:e11a:882a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1653353&asId=bc8411a4-651b-e233-f79e-7b72d824a091&tv=%7Bc:ojraYD,pingTime:1,time:2427,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:388%7D,%7Bpiv:100,vs:i,r:,t:1425%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1425,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,0~100%5D,as:%5B1051~300.250%5D%7D%7D,%7Bsl:i,t:1425,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:199,fm:tPX2wOo+11%7C121%7C13%7C14%7C15%7C161%7C171%7C18%7C19*.1653353-74212597%7C191%7C192%7C193%7C194,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:390,sis:518%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:67c5:1d20:e11a:882a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 18:20:15 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sazi.online/	1970-01-21 00:22:42	Name: _ga Value: GA1.2.211662011.1694802007
.sazi.online/	1970-01-20 14:48:08	Name: _gid Value: GA1.2.596744849.1694802008
.sazi.online/	1970-01-20 14:46:42	Name: _gat_gtag_UA_189072159_18 Value: 1
.sazi.online/	1970-01-20 23:32:18	Name: cf_clearance Value: 7pMfhEVVF5m7JrtPXMWJvcxICOIoRyQVSnA9ZvmZBxA-1694802008-0-1-8561fd9f.7b3b2023.abafc93c-0.2.1694802008
.aj1559.online/	1970-01-21 00:22:42	Name: UUID Value: 65386f89-e874-5f76-8841-71a41d713b23
.aj1559.online/	1970-01-20 23:32:18	Name: ucv Value: 692-DE-1694888408934-24--
.sazi.online/	1970-01-21 00:08:18	Name: __gads Value: ID=c05cbdbeda9ad33f-22cca89e72de00ff:T=1694802009:RT=1694802009:S=ALNI_MY7xXWWuUSObWbgjM6f5C3Fd90fFg
.sazi.online/	1970-01-21 00:08:18	Name: __gpi Value: UID=00000d9337315ec5:T=1694802009:RT=1694802009:S=ALNI_MYazYko9VOy4vpeRGwLgas9CVU7Jw
.sazi.online/	1970-01-21 00:22:42	Name: _ga_PX3PZ6Q9RG Value: GS1.1.1694802007.1.0.1694802009.58.0.0
.doubleclick.net/	1970-01-20 19:05:54	Name: APC Value: AfxxVi6OMooVx_ex4brQdt9wxOa5vBNU8QTQs4h3mM92ZVL0QozEDQ
.doubleclick.net/	1970-01-21 00:08:18	Name: IDE Value: AHWqTUmQDV_RjETYaphE1-bg5-omrk2PBOJDAvQVLQe0sUIsX27DhsuMQYg0P6qlrIw
.sazi.online/	1970-01-20 14:46:42	Name: _gat_Balloon Value: 1
.sazi.online/	1970-01-21 00:22:42	Name: _ga_6X02JH402Y Value: GS1.1.1694802007.1.0.1694802012.0.0.0
.adnxs.com/	1970-01-20 16:56:18	Name: uuid2 Value: 9173495844412124410
.casalemedia.com/	1970-01-20 16:56:18	Name: CMPS Value: 5209
.casalemedia.com/	1970-01-20 23:32:18	Name: CMID Value: ZQSgXG439z1x5u8jszBAKQAA
.casalemedia.com/	1970-01-20 16:56:18	Name: CMPRO Value: 3179
.adnxs.com/	1970-01-20 16:56:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU`IXr[N!@wnfH8K6pQK`!5=E<L5?%L[lgQ.F7[v2c2bl#21Sr>52)zXo>zO[Q<PwJAbpRzqF1`b^h/)y#$E
.adform.net/	1970-01-20 15:29:54	Name: C Value: 1
.quantserve.com/	1970-01-20 16:56:18	Name: d Value: EEsBCQH6KYEA
.quantserve.com/	1970-01-21 00:16:56	Name: mc Value: 6504a05c-df0da-6400c-444a9
.simpli.fi/	1970-01-20 23:33:44	Name: suid Value: F548ADE7ACBC4100B3B9708B9744FA41
.ctnsnet.com/	1970-01-20 23:32:18	Name: cid_22095e086ce14a229ddf0a4bc589abfc Value: 1
.ctnsnet.com/	1970-01-20 23:32:18	Name: gid_CAESEEX_IMai6oG38uDfrnAwRbA Value: 1
.adform.net/	1970-01-20 16:13:06	Name: uid Value: 811594266740420091
.yahoo.com/	1970-01-20 23:32:39	Name: A3 Value: d=AQABBFygBGUCEEtePz2dTdjRTkncT5Jiuk4FEgEBAQHxBWUOZQAAAAAA_eMAAA&S=AQAAAn4OqFQuul-wyR6o-yb98xY
.tribalfusion.com/	1970-01-20 16:56:18	Name: ANON_ID Value: annt6ZaoZdUQdR2Hp9uswmNI0ugcc5qZa9E1i8p2nW1UN5EiBJtogWVjFSNaY55wujZac5GuSBnBbKeUU62cgZd2dZd97PekcL
.e.dlx.addthis.com/	1970-01-21 00:16:56	Name: na_tc Value: Y
.bluekai.com/	1970-01-20 19:05:54	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 19:05:54	Name: bkpa Value: KJyNpWWvQY9xCKcENBqHxj+juJLrWiD6AY/k7qXyUqbwhb2rvDWhmrFZDb/Det1IJOD47oevQ/FWlsuPd5FmGQStpqj3YWTEAI8TP5P1ysYQadwd7uySxyxFRNDAfy==
.bluekai.com/	1970-01-20 19:05:54	Name: bku Value: ts6O9atQOsV+exD6
.addthis.com/	1970-01-21 00:16:56	Name: na_id Value: 2023091518201300010627710641
.addthis.com/	1970-01-21 00:16:56	Name: na_tc Value: Y
.addthis.com/	1970-01-21 00:16:56	Name: uid Value: 6504a05db8de939e
.addthis.com/	1970-01-21 00:16:56	Name: ouid Value: 6504a05d0001c0970ef1054a08e8bc1a054a7c006a96735c3ead
.dlx.addthis.com/	1970-01-20 15:29:54	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 15:29:54	Name: na_sr Value: 20230915
.dlx.addthis.com/	1970-01-20 14:46:42	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 15:29:54	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/sazi.online-passback-ptopc.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ade.googlesyndication.com
aj1559.online
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
ius.ctnsnet.com
pagead2.googlesyndication.com
partner.googleadservices.com
plausible.io
pr-bh.ybp.yahoo.com
r1---sn-4g5edn6k.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
sazi.online
server.zmedia.vn
static.adsafeprotected.com
stats.g.doubleclick.net
tags.bluekai.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
103.171.93.27
104.18.39.155
104.76.200.221
142.250.185.194
142.250.186.66
172.217.16.194
185.89.210.101
2001:4860:4802:32::3
2001:4860:4802:34::36
212.124.124.115
2400:52e0:1a01::996:1
2600:1f13:800:7781:67c5:1d20:e11a:882a
2600:9000:21f3:3200:8:48e:53c0:93a1
2606:4700:3032::ac43:b7ca
2606:4700:3037::6815:3064
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:4001:d::6
2a00:1450:400c:c03::9c
2a05:d018:d29:3605:cca0:8b97:e855:348c
34.91.62.186
35.186.193.173
37.157.6.254
52.49.226.99
64.233.167.155
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16460c737fa286e5fa803445ea1b3c1f2f7584712b31da900da383b8cbbec518
191358a3f73300d0e9261238c26392106fee1e878fa3f048f821905132012734
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c3007b80d1197de7a0014c537d9d6fc4a5b77ed6e2797a10e180600647c4e0c
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20a20052455646787437b807cf2047d982c1083bfc69dca08798fdc18bd5175a
212f0cac0b66cca9a0a07c8e795245f967d651de5322f665e2d6a73ad477c0a8
2137289b39631f8ef921a8753988405e659507b8ecb02a33df1ecac1dce0976b
2573f3f7854bf1486b629505ca6128352250e4dae42658985b79628227650151
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3351b7b8669bf282e512a86d1cfde14ec965039b868928e7800a8d6db7df0fef
3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150
34abe783448328545727cdb92f8be1840992e31f95ac3b5161522c7a152ca37d
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f806a19a20885a156ceb760f01b4fddc9e037b0f94dbbdaf33c53077f5fc08
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4c8194abaf57a3d9668303c2f4be90448493d1d085af8785b91ffeb14d39f1a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8aa9f437a354cfeea95dc1ee204f570ec6199da75aae60066bec5eff4b4cf6
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57de4757a0debf6ea07a1b6aadb2bc1bd943861896dfb0855ca6b0b4ba29165e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68b8178067c76bd8be513984d20c0de361926df19c8ebaf292c2815c8b48f656
6a4ffaaf0076d7cb9fe8386b0309ca6058eb94de4915071caa99615aec9977e4
6a63980faf23818471332e9485c4c84c7fc0a3efbe55dc1a3c8cb5571b028175
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72da02b4cc76ee99df5600b410e8a18e51497a5511085994c3f5e4aaa6eb6a5b
77585e79dae352ac04c4746c5f6ba64f3b616e699f7045a73c84302962a602a9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7978607c6e15cdea4877eb192ae5a9e606bda26d6a9fd62deefc74a1a7320d4f
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9d1c1b33a4f2c317f1519d34ff980b8fcc49330f368ca44e7e5f7974db772
83b934e7be461a1f81470a412da856458331dec72368fbd06412b59c1471b8a2
873e54bd02647b1c767055bdd2b745e97ec2ad24fc08f22ebc25eab672df5a8e
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
899cdd5ff53d9cad60fc77671c1221cb3c4ed757132ce4e18f2f51369606f117
8f2e9691fedd7508723a79201284c2b41364f04392378821d87a93218ebb8321
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a120f21a80def5f87911ade7dfdccaeae400dbd262acf1bb0ddd0d1946942a4
9a8c4445fb3fa2082d4f51928f28b4b6ecadb9ff56b7af244ccff2d2c84e6b2d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a097171f7fc447f71a308935b9efeb402e08f1c0473731b9c4a1c03dacddb35b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a486dd876605ca00e690046515d518bfb57dbe08d0da2b208ad860247f589dfb
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
ace443488186d8b776d6a9843c6f9b80ca18474cc2e2c821ef5f4ddd7ab3fb81
acf9911eaa381e18fbd67241d47323ca848dfa1fe1fd0e1c02ba90e319809649
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6ef0ce51af02ff26f63c55b46c2707f15b6765b527b03e61c7e3ac9a36b4e6b
b72c04fcc62c28e3a6ae3d7e03be51122ad7de1e505dfe5931367bbb041468d0
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c267994dcaa8ea62d78978c3156d7dc4617482191803d6f2f260cd09cf386db9
cb268d25119fb5f6e2727162ba9248809161ab2e4bd38b9be6998783df697573
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
d1bbf269e5e674befc38ed59ba098785dc5d5fadfee8a6a051d2ce5ff8c57d9f
d31e66c7768ab41b052c4e4a972c74f021690a597b7b8899604abf5e95ac9bb8
d5099a8e43b0f2546056b5ce3aa812b4c15809b98ccbacb90c25624b95d11d2a
d7465e0b0af835cfd022048ef505c83512b5882a1fd568fc7eac5190a43c97ed
d7916c6132f0392c7510dde696b89d51cf0685306f6ffc51b6e9861aa8a72b1b
d8ec1d911d1672bce77437eb88bc330b595356a87b033e89838cf8d86dc5a7b6
d92c6cbc1d482cb917c2ccca6da263f9443600d3f4d595a96d924c1682ee9b7b
d93dedf5c6c007e6fd2e250ab88fa3f581be797f16036263d5ebb2e3d049d17e
d954fe33b0f989aa06f4bcc08e2b717e984cb15313c67caaf5a093d26fe72317
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e123af706e543d1cf24e7b7972f27dbe8415d126ba8cba23f5746983a6246023
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e608058bdd72ec71ba0a9d12ceafacdce34f91bacc11e6ad3613225874b0dfe2
eb68f14a51eaf080e9ce13fcbb9c2ad1896909e25a4dbb9ebefdd8345224ba48
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
ecf4ed10bdd02d997835d62368a900bd08f394d4dc736a827c8ca7ebb18d0d06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
efd365de63fcccafddd9d7117b168373eab0aaa4c5823de48df849e4936a1e74
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f770f53606f5b101a6dc372072d4823db885063e9bdff67345248ce8507f31ad
fa619b53bd27f4d0595f858544068ecc8e1556610e8a36feee5eb550d3aec09c
fbc425efffa7966d0215a1f8401aac691ee82cb07e1961f90b31bb07a5b80cd7
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fca1a05ff44697d8ab58673b996e86dc06879e8f4743e4173e9803324f9bc3ad
fd131d016824a2e05f371453b933759ba9ee5a858bcab5dd37bb70eef60c44f3
ff00caf521fe834b5946f7a8eac321e31d150c0b29f925b492c23edd470a5e6c

sazi.online Open in urlscan Pro 2606:4700:3037::6815:3064 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

93 %HTTPS

67 %IPv6

26 Domains

42 Subdomains

34 IPs

8 Countries

2659 kBTransfer

13895 kBSize

39 Cookies

0 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sazi.online Open in urlscan Pro
2606:4700:3037::6815:3064 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

93 %
HTTPS

67 %
IPv6

26
Domains

42
Subdomains

34
IPs

8
Countries

2659 kB
Transfer

13895 kB
Size

39
Cookies

200 HTTP transactions
4 data transactions