www.painaidii.com Open in urlscan Pro
103.246.17.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://painaidii.com/
Effective URL:
http://www.painaidii.com/
Submission Tags: tranco_l324
Submission: On November 27 via api (November 27th 2021, 7:17:20 am UTC) from DE — Scanned from DE

Summary HTTP 459 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 74 IPs in 14 countries across 56 domains to perform 459 HTTP transactions. The main IP is 103.246.17.188, located in Thailand and belongs to POP-IDC-TH POPIDC powered by CSLoxinfo, TH. The main domain is www.painaidii.com.

This is the only time www.painaidii.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	103.246.17.188 103.246.17.188	131447 (POP-IDC-T...) (POP-IDC-TH POPIDC powered by CSLoxinfo)
2	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	95.100.146.50 95.100.146.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
49	103.7.59.33 103.7.59.33	131447 (POP-IDC-T...) (POP-IDC-TH POPIDC powered by CSLoxinfo)
1	203.151.144.224 203.151.144.224	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
5 11	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.96.135.185 104.96.135.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.21.20 51.89.21.20	16276 (OVH) (OVH)
2	47.74.174.177 47.74.174.177	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
26	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
48	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4013:c07::78	15169 (GOOGLE) (GOOGLE)
1	142.251.5.157 142.251.5.157	15169 (GOOGLE) (GOOGLE)
3 4	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	54.73.238.193 54.73.238.193	16509 (AMAZON-02) (AMAZON-02)
14 35	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	18.194.46.33 18.194.46.33	16509 (AMAZON-02) (AMAZON-02)
4 4	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
6 7	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	203.154.91.10 203.154.91.10	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
1 2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:16::6	15169 (GOOGLE) (GOOGLE)
2 4	54.76.210.111 54.76.210.111	16509 (AMAZON-02) (AMAZON-02)
3 15	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
36	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:214... 2600:9000:214f:ee00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.51.9.18 184.51.9.18	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
5	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
2 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
2 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:55f3:aa52:2cab:d50d	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	18.196.195.54 18.196.195.54	16509 (AMAZON-02) (AMAZON-02)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
1 2	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	92.123.21.100 92.123.21.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.235.213.39 34.235.213.39	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
459	74

32 103.246.17.188 (Thailand) 1 redirects

ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH)
PTR: www.painaidii.com

painaidii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.painaidii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.146.50 (Slough, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-50.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 103.7.59.33 (Thailand)

ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH)
PTR: 103-7-59-33.ptr.pop-idc.com

ads.painaidii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.painaidii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.144.224 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 224.144.151.203.sta.inet.co.th

hits.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.223.38 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.135.185 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-135-185.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.20 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p14.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.74.174.177 (Singapore, Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

adnetwork.adasiaholdings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4013:c07::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.238.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-193.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.185.162 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.46.33 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-46-33.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.96.159.57 (Vienna, Austria) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.78 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.29 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.154.91.10 (Ban Phrao, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-91-10.inter.net.th

lvs.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:16::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednd7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.76.210.111 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-210-111.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 184.51.9.98 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:ee00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.18 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-18.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.236 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.80.231 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:55f3:aa52:2cab:d50d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.195.54 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.21.100 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-100.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.213.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-213-39.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	googlesyndication.com pagead2.googlesyndication.com 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com tpc.googlesyndication.com	878 KB
81	painaidii.com 1 redirects painaidii.com www.painaidii.com ads.painaidii.com img.painaidii.com	9 MB
70	doubleclick.net 15 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net	447 KB
39	2mdn.net 1 redirects gcdn.2mdn.net r1---sn-4g5ednd7.c.2mdn.net s0.2mdn.net	3 MB
26	adsafeprotected.com 2 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	195 KB
26	facebook.com www.facebook.com	14 KB
25	pubmatic.com 6 redirects hbopenbid.pubmatic.com image6.pubmatic.com ads.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	30 KB
14	casalemedia.com 3 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com dsum.casalemedia.com	13 KB
13	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	27 KB
12	googletagservices.com www.googletagservices.com	323 KB
11	rubiconproject.com 5 redirects fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	14 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	139 KB
9	google.com 2 redirects adservice.google.com www.google.com	1 KB
9	criteo.com 3 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	8 KB
6	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	327 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	3 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	addthis.com 4 redirects e.dlx.addthis.com	3 KB
4	quantserve.com 3 redirects cms.quantserve.com pixel.quantserve.com	2 KB
4	openx.net adasia-d.openx.net rtb.openx.net u.openx.net	956 B
4	facebook.net connect.facebook.net	197 KB
4	fontawesome.com use.fontawesome.com	88 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	onaudience.com 2 redirects pixel.onaudience.com	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	fbcdn.net static.xx.fbcdn.net	138 KB
3	rlcdn.com 2 redirects id.rlcdn.com	886 B
3	everesttech.net 3 redirects pixel.everesttech.net sync-tm.everesttech.net	1 KB
3	google.de adservice.google.de www.google.de	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	53 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	523 B
2	mookie1.com odr.mookie1.com	430 B
2	adasiaholdings.com adnetwork.adasiaholdings.com	441 B
2	4dex.io script.4dex.io	23 KB
2	truehits.in.th hits.truehits.in.th lvs.truehits.in.th	8 KB
2	anymind360.com anymind360.com	158 KB
1	deepintent.com match.deepintent.com	44 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	simpli.fi um.simpli.fi	616 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	createjs.com code.createjs.com	63 KB
1	agkn.com 1 redirects d.agkn.com	760 B
1	googleadservices.com partner.googleadservices.com	441 B
1	id5-sync.com id5-sync.com	534 B
1	smartadserver.com prg.smartadserver.com	566 B
1	sascdn.com ced.sascdn.com	27 KB
459	56

	Domain	Requested by
48	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com securepubads.g.doubleclick.net 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com www.painaidii.com s0.2mdn.net pagead2.googlesyndication.com
44	pagead2.googlesyndication.com	www.painaidii.com pagead2.googlesyndication.com googleads.g.doubleclick.net 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com s0.2mdn.net
36	s0.2mdn.net	www.painaidii.com s0.2mdn.net 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
35	cm.g.doubleclick.net	14 redirects www.painaidii.com googleads.g.doubleclick.net
31	www.painaidii.com	www.painaidii.com
27	img.painaidii.com	www.painaidii.com
26	www.facebook.com	www.painaidii.com connect.facebook.net
22	ads.painaidii.com	www.painaidii.com
16	dt.adsafeprotected.com	7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com www.painaidii.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com www.painaidii.com
12	www.googletagservices.com	www.painaidii.com googleads.g.doubleclick.net securepubads.g.doubleclick.net 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com www.googletagservices.com
11	ib.adnxs.com	5 redirects anymind360.com googleads.g.doubleclick.net acdn.adnxs.com
10	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
9	securepubads.g.doubleclick.net	anymind360.com www.googletagservices.com securepubads.g.doubleclick.net www.painaidii.com
7	simage2.pubmatic.com	ads.pubmatic.com
7	image6.pubmatic.com	6 redirects ads.pubmatic.com
7	www.google.com	2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com tpc.googlesyndication.com
6	static.adsafeprotected.com	pixel.adsafeprotected.com 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www.painaidii.com
6	fonts.gstatic.com	fonts.googleapis.com
5	image2.pubmatic.com	ads.pubmatic.com
5	pixel.rubiconproject.com	2 redirects
5	7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pixel.adsafeprotected.com	2 redirects 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
4	e.dlx.addthis.com	4 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	connect.facebook.net	www.painaidii.com connect.facebook.net
4	use.fontawesome.com	www.painaidii.com use.fontawesome.com
3	token.rubiconproject.com	3 redirects
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	x.bidswitch.net	3 redirects
3	pixel.onaudience.com	2 redirects ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	static.xx.fbcdn.net	www.facebook.com
3	id.rlcdn.com	2 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	mug.criteo.com	www.painaidii.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ads.betweendigital.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	loada.exelator.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	js-sec.indexww.com	anymind360.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	static.criteo.net	anymind360.com static.criteo.net
2	ad.doubleclick.net	www.googletagservices.com
2	r1---sn-4g5ednd7.c.2mdn.net	www.painaidii.com
2	www.google-analytics.com	1 redirects www.painaidii.com
2	rtb.openx.net	googleads.g.doubleclick.net
2	googlecm.hit.gemius.pl	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	adnetwork.adasiaholdings.com	ced.sascdn.com
2	script.4dex.io	anymind360.com script.4dex.io
2	anymind360.com	www.painaidii.com anymind360.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ads.yahoo.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	sync.extend.tv	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	acdn.adnxs.com	anymind360.com
1	u.openx.net	anymind360.com
1	www.google.de	www.painaidii.com
1	stats.g.doubleclick.net	1 redirects
1	code.createjs.com	s0.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	lvs.truehits.in.th	www.painaidii.com
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	id5-sync.com	ced.sascdn.com
1	bidder.criteo.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	prg.smartadserver.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	hits.truehits.in.th	www.painaidii.com
1	ced.sascdn.com	anymind360.com
1	ajax.googleapis.com	www.painaidii.com
1	painaidii.com	1 redirects
459	101

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.agoda.com
www.booking.com
truehits.net
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
anymind360.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.painaidii.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-09` - `2022-09-08`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh

This page contains 51 frames:

Primary Page: http://www.painaidii.com/
Frame ID: 62C4A940AF34B81CAA11D20DB6D407D3
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 8B80538748B9BE914093EF2E51E41B4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&adk=3211944677&adf=4012703082&lmt=1637997431&plat=3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.painaidii.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1637997431447&bpp=3&bdt=1212&idt=96&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4995198938443&frm=20&pv=2&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=108
Frame ID: 05E5D8A51F6DF76DF1A48E9AA352FF0E
Requests: 1 HTTP requests in this frame

Frame: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 780F64BB6BF436EF7A50FD895E8516CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3352934356&adf=3491011728&pi=t.aa~a.641232905~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=2&bdt=1452&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=NLKbJ9LVwX&p=http%3A//www.painaidii.com&dtd=18
Frame ID: 259D17C5D90D29A24597FA4AE5C9C518
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3085252350&adf=3247054316&pi=t.aa~a.2285606708~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1451&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280&nras=3&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=3042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=gPpxAzJNwG&p=http%3A//www.painaidii.com&dtd=22
Frame ID: FAB6A35CDA43921171FBE36690A4D9B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=1136123777&adf=3628545868&pi=t.aa~a.3923138242~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1452&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280%2C940x280&nras=4&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=4330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=12&uci=a!c&btvi=3&fsb=1&xpc=HOoL08cNNo&p=http%3A//www.painaidii.com&dtd=26
Frame ID: 0ED44A0915D2FA0FB5E5BC16CCA08707
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7DC353DFBD4766FCD1558BB6FCDE445
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3BAD4ABEC5A2AEDF7972EB4ABB886D8A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2342C09661C57BBBD2224E5F59465FB6
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D0A51E0C582FBD4812341CF3E9937F41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 3AA62664B60F38612609000A63069CA3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 0DD8FDD88587B1182902C32A406327AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8975718052AD77C61E1FFB719C9C3C33
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1yDcqJ5RpC3F9i0CaIV2QavvW2fnHqOu5JOQdfygJi15ReNL_pXnfpQ6yGm1ZZuJUdThSYzqYBQ0AHL_HgJwKYCDyaB1eI6skH_DmiqB-wtwBC2KvNw2OgX2BdTedFHQ1cuhxZVkaOZ7bu03wsC-H_I1ZqmOSvei7JBXw4tm8NYENZwR3N40fNLNCuKeo7j50z5us8sDMheFRc1xQP9Uy_RGdo3OxH4iuGatzyqPX7wgo7JuXumyuXxOBIiYXitSLmnLRHWOGtZxe1R1hrIpTb6jhmCKRYkqNLeMx02XPzVEKsaHNGpzCNjkPS637&sai=AMfl-YSsO9K6602Ks6HUlczBVvkFmPwd1D7RTMNlNR73aDoN2A0ocfqwARPlHaf63B5Hu6vTIpu2uWW3soBKNneDvT09PzvN1B-5sZvMekoOFA8eorZjWelOPSNt9FRZeiNV&sig=Cg0ArKJSzHioahWoPsq5EAE&uach_m=[UACH]&adurl=
Frame ID: 3CE658673937CCD784CABA2267D2BE6F
Requests: 9 HTTP requests in this frame

Frame: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B6F4F41B7E85663008B48273A8E69F96
Requests: 14 HTTP requests in this frame

Frame: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DC41DD7DBA7031FC41B7D95446A65B0
Requests: 8 HTTP requests in this frame

Frame: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 59A90EBB3DA1D66AAAA9723423F6734A
Requests: 32 HTTP requests in this frame

Frame: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B1D6EDBB9357951E3E01502E1E439C9
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIe6qbsBMAE&v=APEucNWISFRqvlRjdUGxHuLeH5p7CxNsJgrh8CBzSCr9r14IFbul3eeYuyMp5Jkk6UX38GAYO0MwfRCpN-3yk_GmOzXqXr34R706knYYFESCHwG_Plsmz5bPq1v33oEND5I4EWEDHpiis4LVsmnBTV__fUU4whfw5ehjvhg14fRSlqyIG7IeJqA
Frame ID: A77F4979970F04C7C8F026E22E5C8575
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNXwEtkLg6G4oX2E1Htr8DiRNm2jW8gnRaXEntHluNt9B9qildXs41Nl2tQjwqwTHvXyyBIGNgoEYLQUT34gcrJJmjBn2O2FhnvHxs0MpsstMD3bVfopO8KOL5li9hBdjZqAwjFgUSdwUHplxsGs5uwKKK1ZUzFKBIFlbRXf_9oUxMzAsZg
Frame ID: 51DA17967590FD7127491B64BEBF56C8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html
Frame ID: 6981AB442585E2E42FB91076105BB25D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNW9rJlJE_6Jtt4yEDp54_CC1lPduf5bo3JsMcnNEbrtsUia-ysH3xoIx24wklRJxw0zj27xn9nUcurmc3oKnzIf_D-9UzxChF0sC4--Ypd1PntWq4_twt9AJUeFeQMQ55MHPAkWwS1tL7SG7ZQ9v3uYNqL4k9c41FGymTxazfQ7jr_VrtY
Frame ID: E070052765C3AF48BFE7C3D65A7AC31C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4F39977A330AB10DA886FA324E41964D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D73EF0AAF904301D413CCCF254BBC699
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.html
Frame ID: 5571905BCD0BF22FC641BD075E2268CA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09C2793F5B9CAF87165FBD78D7ACEBE9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 464F66462655B400FF07BAC362BFE182
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0ABFF44F01CED5F569BB76B03584D124
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 76CDCBEB34F120F701BB4E5A762D949B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Frame ID: 2218DCEA9EB85245FEC8F24324955BF8
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Frame ID: 34E900AD5226363CAAC517C16236DE52
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B0247C8C3EC5E285DF7A42FBF30124D7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 6AD9BECE0C611A5722CBDDBCF633D7BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: 1BE559DC3B8D1C9C8C7DDDE8C52CD249
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Frame ID: C758752FBAE1D93D8F713AF5E986C58C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Frame ID: CFF9A77F908C1B83220D40B6D13D64F1
Requests: 25 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.painaidii.com
Frame ID: 04478261E5550C2E7FB94707EA5887A6
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BE10C282B8653A87A8C16DC7ECF0ED34
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 213E573F0EBC950DFA9E8D8E0841EDA7
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7F9D6BDBAA6FF604557FEB7AB6C7BE7F
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 967D5E214702946A69C053241E2EC73F
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E0FBE126BA396BB2E3538B95066411E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7D14E44CB2276FB0D330171CB3251F97
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41B2671E05E426BC5C375A965CE416CE
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FE38CA92747C824A1A31FD2DEC9E1C83
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F
Frame ID: 9DFD0C3C77ACD7F09CA1D48264B0D0A0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2470210704163507447
Frame ID: 5D4C2709D51242B5ABD8B438A9E3AB74
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F7DFFFE5809B5232B278F4611EBEF799
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7035145409975613581
Frame ID: 83C1CA9B8B17E1BF20B4E1D159DE9A90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaHbegAHtgzMrABG&gdpr=0&gdpr_consent=&_test=YaHbegAHtgzMrABG
Frame ID: 16F7DE0BD443C9E72452ED7655CB306A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ไปไหนดี | เว็บท่องเที่ยวยอดนิยมของไทย รวมสถานที่ท่องเที่ยว และข้อมูลท่องเที่ยวทั่วประเทศ แนะนำที่เที่ยว ที่กิน ที่พัก ทั่วเมืองไทย

Page URL History Show full URLs

http://painaidii.com/ HTTP 302
http://www.painaidii.com/ Page URL

Page Statistics

459
Requests

69 %
HTTPS

37 %
IPv6

56
Domains

101
Subdomains

74
IPs

14
Countries

15539 kB
Transfer

21457 kB
Size

93
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/c/PaiNaiDiiTH/videos
Title: วิดีโอคลิป

Search URL Search Domain Scan URL

URL: https://www.agoda.com/th-th/?cid=1483668
Title: จองโรงแรม

Search URL Search Domain Scan URL

URL: https://www.agoda.com/partners/partnersearch.aspx?cid=1483668&pcs=8
Title: จองโรงแรม - Agoda.com

Search URL Search Domain Scan URL

URL: https://www.booking.com/?aid=829925
Title: จองโรงแรม - Booking.com

Search URL Search Domain Scan URL

URL: https://truehits.net/stat.php?login=painaidii

Search URL Search Domain Scan URL

URL: https://twitter.com/painaidii

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Painaidii

Search URL Search Domain Scan URL

URL: https://www.instagram.com/painaidii/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/painaidii

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://painaidii.com/ HTTP 302
http://www.painaidii.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 92

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.painaidii.com%2F&domain=www.painaidii.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ZB5KDHxQbEtnU2grQXo5eUNtZ2czTTl6d2cyU0dzdENLa2lPd2Y3Q1FkVUx0YU1SeW44NkJyYTJmbmJ0MTJpUHAvNXlYb09NSVlVTmdsd0JtbktBSlpvZVlaeDlSNjJmQ0J5REtnazBZd25GYm9ld2taNW5BM1dQVHg4ZWUxMVo3cEQ2OGxaN2VLRUlBQjZKbitSSE4xeS90Y1M3Qlhqek1SeXRxb3g1Zm9wUlJtQW93akF2dS9NUXVHbXVaVnQ1MGlVMVZTUm0zK2tNT3dPTStueWs0QlpKNCtGdlF3d21RN1VMZEwvSVc0dmNUWVc5enprMkg4c2RUcnA3S1I0UTg3MzMvfA&cppv=2

Request Chain 173

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJeFEWOThsFuerPW8LIMcfHnJXdyJLBaMn1wHXGaYu8fJaaLgOmYl7-cu35V33y0BYdRkOOSNLRy4c-ox17rlRqHps9ZUo&google_gid=CAESEEzdm_b_0Yn1n5JNwg0he5s&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFIYmVBQUFBVDl3OEdhaA&google_push=AYg5qPJeFEWOThsFuerPW8LIMcfHnJXdyJLBaMn1wHXGaYu8fJaaLgOmYl7-cu35V33y0BYdRkOOSNLRy4c-ox17rlRqHps9ZUo

Request Chain 174

https://d.agkn.com/pixel/2175/?google_gid=CAESELQlxzJe1pZxJjjfmmGOocM&google_cver=1&google_push=AYg5qPJJbXav0ff2doJk0rzXtwu1Qu6BwnMQv_mIdHpHf_53TWWrOrba_tDPjLeWCu61pAD3TxDaymWldJ7n2v850T5aKb5J_bM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJbXav0ff2doJk0rzXtwu1Qu6BwnMQv_mIdHpHf_53TWWrOrba_tDPjLeWCu61pAD3TxDaymWldJ7n2v850T5aKb5J_bM&google_hm=Q0FFU0VMUWx4ekplMXBaeEpqamZtbUdPb2NN

Request Chain 175

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK3kL6rtCRlY2bFgWJIpg-JiAgZ38wVCCnVXibxWtA-8aOiBkW40EpLMMhXulBXawltdD9H0wvQkuL1m7OyY1RO-TJ-Kg&google_gid=CAESEHp6gjYDhRNJPSvZeJKX-KM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK3kL6rtCRlY2bFgWJIpg-JiAgZ38wVCCnVXibxWtA-8aOiBkW40EpLMMhXulBXawltdD9H0wvQkuL1m7OyY1RO-TJ-Kg&google_gid=CAESEHp6gjYDhRNJPSvZeJKX-KM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAzOTIyOTk1NzAyMw%3D%3D&google_push=AYg5qPK3kL6rtCRlY2bFgWJIpg-JiAgZ38wVCCnVXibxWtA-8aOiBkW40EpLMMhXulBXawltdD9H0wvQkuL1m7OyY1RO-TJ-Kg

Request Chain 177

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGxEzdKVSzp29Wu0bcxuh3Q&google_cver=1&google_push=AYg5qPKBjEH8Pk_fgT1f2HtP_xEV6bYKlA9ddV22XJUrkUjTIe0z00DJpnyZrcV1YwWqCNRT0ZybRabqBgwv9fNaSXIcfcTkWQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGxEzdKVSzp29Wu0bcxuh3Q&google_cver=1&google_push=AYg5qPKBjEH8Pk_fgT1f2HtP_xEV6bYKlA9ddV22XJUrkUjTIe0z00DJpnyZrcV1YwWqCNRT0ZybRabqBgwv9fNaSXIcfcTkWQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iiftxfZVRmuJiGkyXuyweA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKBjEH8Pk_fgT1f2HtP_xEV6bYKlA9ddV22XJUrkUjTIe0z00DJpnyZrcV1YwWqCNRT0ZybRabqBgwv9fNaSXIcfcTkWQ

Request Chain 178

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGsDlEY2NXD_Z6g2652fe0Q&google_cver=1&google_push=AYg5qPJa-Ccnc3EoBGi45ZDMef4RVqgnLt72rwHfkiEniMFfgIyVcIN3ZjfYQotD8mCWNWq4hLxqfG0As6qBm6dAHk0xBBf_Dylt HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJa-Ccnc3EoBGi45ZDMef4RVqgnLt72rwHfkiEniMFfgIyVcIN3ZjfYQotD8mCWNWq4hLxqfG0As6qBm6dAHk0xBBf_Dylt&google_hm=1ykunrsaftlvhglqkoqjfwlhfkma

Request Chain 181

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBueGIISoBsP_XiEkNKcE0Y&google_cver=1&google_push=AYg5qPIxBKyBIHUo8StEVozO_AU_atd5wW7xAS06lKAcGDFZ6zS_Yc_Y3-0un_fYu90Yk-OSgeQ7s144UQBl1HeukNiVIJ3FjZPl HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIxBKyBIHUo8StEVozO_AU_atd5wW7xAS06lKAcGDFZ6zS_Yc_Y3-0un_fYu90Yk-OSgeQ7s144UQBl1HeukNiVIJ3FjZPl&google_hm=dYpNdbVjl_PXedeE0QxBDw

Request Chain 182

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKFYQfnUxW9-eCy_cRkX4kdgwvdQjMWgR3tnZjKN79KNbMmuk2IsXN7ympJRHDNtfxjNF8rQ1JO5g2ckorLLY886opitvs&google_gid=CAESELMgpfqoh7dFfFovp37jHOI&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPi2h40GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLRllRZm5VeFc5LWVDeV9jUmtYNGtkZ3d2ZFFqTVdnUjN0blpqS043OUtOYk1tdWsySXNYTjd5bXBKUkhETnRmeGpORjhyUTFKTzVnMmNrb3JMTFk4ODZvcGl0dnM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEtYaUxZRDcwc3MxYnY5X2V6dllmQ2JlS056SVdvZWNHcFlRRzhQdGtoNA==&google_push

Request Chain 185

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOShRo8s9ODVCLc3m9-Shm8&google_cver=1&google_push=AYg5qPL7nxMaczfp8Gr0Tpfp6rSFpUlGEhPq11OdftHDIeH5fuWiAenIUSUvzu6DeeqKgosFxZOquWRwbBjTYXNb8CA58iogcLjQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOShRo8s9ODVCLc3m9-Shm8&google_cver=1&google_push=AYg5qPL7nxMaczfp8Gr0Tpfp6rSFpUlGEhPq11OdftHDIeH5fuWiAenIUSUvzu6DeeqKgosFxZOquWRwbBjTYXNb8CA58iogcLjQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=65q3CiE-RsGCOzcj5QNv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7nxMaczfp8Gr0Tpfp6rSFpUlGEhPq11OdftHDIeH5fuWiAenIUSUvzu6DeeqKgosFxZOquWRwbBjTYXNb8CA58iogcLjQ

Request Chain 186

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECa9lFhFuctJY0xHW7Xz2ZY&google_cver=1&google_push=AYg5qPKdygoWt2xvHJ8GdHY7hEcIQb8Mkw1mPF_RyIcjq5d3Egr860hd8RTYriSEdXgN1_dN17pYF9qaIV9HveA49c9rEjxKOV0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPKdygoWt2xvHJ8GdHY7hEcIQb8Mkw1mPF_RyIcjq5d3Egr860hd8RTYriSEdXgN1_dN17pYF9qaIV9HveA49c9rEjxKOV0

Request Chain 187

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_cver=1&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm

Request Chain 190

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP20tkB1dn4xNQv3_OWeXxA&google_cver=1&google_push=AYg5qPIVjLg3NDXf3ABilHsXBo9W0GZoRFeoZprE-41xkDCQNz_oZl3X9h_C6q3bCBMtGhWmEtn7IW5Qk0AQF1UfBT9NZMoE9ACH HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVjLg3NDXf3ABilHsXBo9W0GZoRFeoZprE-41xkDCQNz_oZl3X9h_C6q3bCBMtGhWmEtn7IW5Qk0AQF1UfBT9NZMoE9ACH&google_hm=dYpNdbVjl_PXedeE0QxBDw

Request Chain 191

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLcDfbanbM_Jhy_2gzyziy85i2VXNY3bf7yMfKQVxduC_w5SzG_BtJghs-cg8MEuwtltgCeNs5L9yQloODTZitvLIoHZarp&google_gid=CAESEJOb0M3r4z0UcGQV0WyScdU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLcDfbanbM_Jhy_2gzyziy85i2VXNY3bf7yMfKQVxduC_w5SzG_BtJghs-cg8MEuwtltgCeNs5L9yQloODTZitvLIoHZarp&google_gid=CAESEJOb0M3r4z0UcGQV0WyScdU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAxMTQ5NDU0NDQ0OQ%3D%3D&google_push=AYg5qPLcDfbanbM_Jhy_2gzyziy85i2VXNY3bf7yMfKQVxduC_w5SzG_BtJghs-cg8MEuwtltgCeNs5L9yQloODTZitvLIoHZarp

Request Chain 193

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKqcqYFubQdagEpzrZu8UX4&google_cver=1&google_push=AYg5qPKxBInMuoAZkBFgFYLT4pBNsytWAVqU9r4BnXPzsK4pCTebEjdxscE1eon9LGSsEispHlNerFmgvJLAof1BYwKJ4CXwB7Kz HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKqcqYFubQdagEpzrZu8UX4&google_cver=1&google_push=AYg5qPKxBInMuoAZkBFgFYLT4pBNsytWAVqU9r4BnXPzsK4pCTebEjdxscE1eon9LGSsEispHlNerFmgvJLAof1BYwKJ4CXwB7Kz&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CeWZeN15SLKexFiPL-TMDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxBInMuoAZkBFgFYLT4pBNsytWAVqU9r4BnXPzsK4pCTebEjdxscE1eon9LGSsEispHlNerFmgvJLAof1BYwKJ4CXwB7Kz

Request Chain 194

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO4pJrYswauVlOGZrU8LSkY&google_cver=1&google_push=AYg5qPI5tyd10kKISf0ap9PznuFZqd0Gwv-6A2xZgXb8RWiicHsdq8X1aXGGWw7ySFcZjVdczQsDWHGf4pa3PPWf9QuURFUFDCq3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPI5tyd10kKISf0ap9PznuFZqd0Gwv-6A2xZgXb8RWiicHsdq8X1aXGGWw7ySFcZjVdczQsDWHGf4pa3PPWf9QuURFUFDCq3

Request Chain 195

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1

Request Chain 196

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENJYIyPOZKpkMPPVQ8EFWc4&google_cver=1&google_push=AYg5qPKrr0dEO9Q8oOEc0H7YA1nbW_HZ6dnceDe2h36O9ZUlDEx5QmdR0kMdYLeSiXZXWIk-eA-q3CP9Dvo7BQ6fhAkLV5HXHcPUVg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKrr0dEO9Q8oOEc0H7YA1nbW_HZ6dnceDe2h36O9ZUlDEx5QmdR0kMdYLeSiXZXWIk-eA-q3CP9Dvo7BQ6fhAkLV5HXHcPUVg&google_hm=

Request Chain 199

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 202

https://gcdn.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/114A63474E1DACDD94E940923B7C238449331EF5.95B9382BB21C36E5FD9BC93601AA1BB00CAFA093/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34681AABF03C4F53D4D0DD9DF42D1BD4187DD5DE.3DA884CA0469F163A1A20BFDAEEDBD250D1CC6DB/key/cms1/cms_redirect/yes/mh/y7/mip/2a01:4f8:150:2008:34::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1637997062/mv/u/mvi/1/pl/50/file/file.mp4

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1

Request Chain 249

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW.wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2

Request Chain 250

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

Request Chain 251

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

Request Chain 266

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1

Request Chain 267

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW.wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

Request Chain 269

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1

Request Chain 275

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW.wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

Request Chain 277

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

Request Chain 289

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 326

https://pixel.adsafeprotected.com/rfw/st/774473/57793669/skeleton.js?adsafe_url=http%3A%2F%2Fwww.painaidii.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a7361e66-2e5d-df98-7973-9cce87ad3ce9,c:v9lwgc,sl:na,em:true,fr:false,thd:1,mn:app15ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:309,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a1%7C1a21%7C1a3%7C1a4%7C1b*.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:326,oid:0b06a519-4f52-11ec-b516-0a320acf4edc,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 328

https://pixel.adsafeprotected.com/rfw/st/774473/57793669/skeleton.js?adsafe_url=http%3A%2F%2Fwww.painaidii.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b27fde0a-419c-35db-f157-f4df63aeef15,c:v9lwgz,sl:na,em:true,fr:false,thd:1,mn:app20ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:319,fm:sPWKiK9+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:326,oid:0b06a555-4f52-11ec-aed8-02467abe7cd0,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 361

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1035309969&utmhn=www.painaidii.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E0%B9%84%E0%B8%9B%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%94%E0%B8%B5%20%7C%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%94%E0%B8%99%E0%B8%B4%E0%B8%A2%E0%B8%A1%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%AA%E0%B8%96%E0%B8%B2%E0%B8%99%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B8%B9%E0%B8%A5%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%E0%B8%97%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%20%E0%B9%81%E0%B8%99%E0%B8%B0%E0%B8%99%E0%B8%B3%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%81%E0%B8%B4%E0%B8%99%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9E%E0%B8%B1%E0%B8%81%20%E0%B8%97%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B9%80%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%87%E0%B9%84%E0%B8%97%E0%B8%A2&utmhid=747328226&utmr=-&utmp=%2F&utmht=1637997434082&utmac=UA-24945841-1&utmcc=__utma%3D81308566.438431747.1637997432.1637997432.1637997432.1%3B%2B__utmz%3D81308566.1637997434.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=143470102&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1035309969&utmhn=www.painaidii.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E0%B9%84%E0%B8%9B%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%94%E0%B8%B5%20%7C%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%94%E0%B8%99%E0%B8%B4%E0%B8%A2%E0%B8%A1%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%AA%E0%B8%96%E0%B8%B2%E0%B8%99%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B8%B9%E0%B8%A5%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%E0%B8%97%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%20%E0%B9%81%E0%B8%99%E0%B8%B0%E0%B8%99%E0%B8%B3%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%81%E0%B8%B4%E0%B8%99%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9E%E0%B8%B1%E0%B8%81%20%E0%B8%97%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B9%80%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%87%E0%B9%84%E0%B8%97%E0%B8%A2&utmhid=747328226&utmr=-&utmp=%2F&utmht=1637997434082&utmac=UA-24945841-1&utmcc=__utma%3D81308566.438431747.1637997432.1637997432.1637997432.1%3B%2B__utmz%3D81308566.1637997434.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=143470102&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969&slf_rd=1&random=1224701688

Request Chain 392

https://gum.criteo.com/sid/json?origin=publishertag&domain=painaidii.com&sn=ChromeSyncframe&so=3&topUrl=www.painaidii.com&bundle=h3JJjl8ydDJkaGZuZzVkN2xFN1VmWSUyRkNOcVZLMUV0UTVabzU3cGp2SXYxbVlKbW5HVVRSUmM1OFJSbzlTbzNERUcyTmNQTTlSVU5jOU11dzc3T0hGeDNNM2hEajFHNkwlMkZxU05NMFQzREg5bXpEaGxWNlozdzdVNE5Lb3A1RGxmV21HRVA&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xM8s4nxZcE1Vb214MGFjSjNBK1BhR3hLdXl6MnBJMFJ3UjVkK3lyd3NmTEhqRXJnM29QdDZRdno2cEtiUTdFYXMwdTNBeG03ci83SnJ5L0RBSEcweWhnS1JUb0VDRmFha3lmbDdjcE9mSFZHTjQ1TXcxTmk1b2xtWFlKNUlhTk0vK0VrbGdnNnBTOGVwb2dXNDRPS1hVb2ZvMndLVkhhMUl1dkJqLzJ1UDQyOGhVNEp6Nkk1L0w1WDFYTzEyNjFOU1NVTGd3dmhWd3BDYkhyblZQeXU1dFBSalI0cllIWlMxVDBUaHlrSXZmOXBSeG9CUkVMalh5bExQRUZITEtTY3hkT2RzNHkyaTRFcGNrMVFqMnArajVFVHFuNUt4amVRZFJxZVdPanNzTTlESnRyND18&cppv=2

Request Chain 425

https://c1.adform.net/serving/cookie/match?party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F

Request Chain 426

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2470210704163507447

Request Chain 427

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 428

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7035145409975613581

Request Chain 429

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YaHbegAHtgzMrABG HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaHbegAHtgzMrABG&gdpr=0&gdpr_consent=&_test=YaHbegAHtgzMrABG

Request Chain 430

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CeWZeN15SLKexFiPL-TMDw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 431

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a25d61a1-db7a-4500-b26e-dc01c28a23c9

Request Chain 432

https://pixel.onaudience.com/?partner=214&mapped=09E59978-DD79-48B2-9EC4-588F2FE4CC0F HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8eb081013d4cccabea1d6c172d28fa66 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bac804b8961246b3f740a1e3ac3ebe62

Request Chain 433

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDlFNTk5NzgtREQ3OS00OEIyLTlFQzQtNTg4RjJGRTRDQzBG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 434

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED47icd4n_r6o4QZMotr_JA&google_cver=1

Request Chain 436

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7b61a1-db7a-4500-8673-450da3e81a17&gdpr=0&gdpr_consent=

Request Chain 437

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5517787165593516766

Request Chain 438

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e957c8bc-d20f-47bc-82de-bcd09466642f

Request Chain 439

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3681791446403730819&gdpr=0&gdpr_consent=

Request Chain 440

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG

Request Chain 442

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K9NJIX9E2uVJ2rhI6npDWeqG4jmvbuM-~A&gdpr=0&gdpr_consent=

Request Chain 443

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=0322160d-55d6-514b-830b-071fe2aadc64&ssp=pubmatic&expires=30&user_group=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b627a7d3-2a54-4b22-ac56-13910e4a8309&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 444

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&dcc=t

Request Chain 446

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1

Request Chain 448

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638083834&gdpr=1

Request Chain 449

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6912838341069742203&uid=Q6912838341069742203&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 450

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=800d019c-0dea-41e6-b968-e65a0906e6a2

Request Chain 454

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQ3v3lbS1Ddre_z_gTxNKU&google_cver=1

Request Chain 456

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/hf9yvkRBOd3502G3XjRztcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1463174972434543395

Request Chain 458

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c38f61a1-db7a-4100-ada7-66f055862a7a

Request Chain 459

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWHHDN0Y-1S-JGX1&sigv=1&esig=2~592e3c2402b192d0d45cef165af9dd53c6b32c87

Request Chain 460

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmYTQ1NDdjODk2MzU0Zjc1OTEyYjMxNWYwZGUyNjNhNmYwZDFiMQ

459 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.painaidii.com/
Redirect Chain

http://painaidii.com/
http://www.painaidii.com/

105 KB
15 KB

6888ms
6878ms

Document
text/html

103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.8
Resource Hash: 5219c183e15a4918a28d8aca95259316759450dc0732fbe748cebf6acabac113

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 27 Nov 2021 07:17:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15114
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 27 Nov 2021 07:17:00 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://www.painaidii.com/
Content-Length: 288
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 ats.js Show response
anymind360.com/js/364/ 119 KB
27 KB 28ms
7ms Script
application/javascript 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/364/ats.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1e24e0b0db55d9b2cbaf3f27350ede02425b77dd5b0941ee0d7e0e6928197e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:10 GMT
content-encoding: gzip
age: 47170
x-guploader-uploadid: ADPycduAZZkwIi8hr_vFwBFFmEL7QlGrS9WGbuBeaTuQPVqpezFYWPLULQ2gz_0BTrL0y6mWIeLFp0mxmQwtb6IMe9LU8y7xXg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 27127
x-served-by: cache-tyo11934-TYO, cache-fra19153-FRA
access-control-allow-origin: *
expires: Fri, 26 Nov 2021 18:11:00 GMT
last-modified: Thu, 11 Nov 2021 11:32:32 GMT
server: UploadServer
x-timer: S1637997430.277040,VS0,VE1
etag: "eae4b4a328ef21484cb827e959bfabcb"
vary: Accept-Encoding
x-goog-hash: crc32c=dzMixw==, md5=6uS0oyjvIUhMuCfpWb+ryw==
x-goog-generation: 1636630352736984
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 27127
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H/1.1 200
OK reset.css
www.painaidii.com/tpl/ 3 KB
1 KB 367ms
365ms Stylesheet
text/css 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/reset.css
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 034c79ef8ee48a0233dbb06a6294f885e5125231a068dddfe47f15c685c65684

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2012 06:46:57 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e34250-c46-4c1638cf46593"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 1063

GET
H/1.1 200
OK style.css
www.painaidii.com/tpl/ 126 KB
18 KB 379ms
378ms Stylesheet
text/css 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/style.css
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e6d76cf44ffeebd401fa3cdd8492719fb0bf4146e413ad9bd561e87605668004

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 01:58:01 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e3422f-1f855-5b9d819e33508"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 17737

GET
H/1.1 200
OK style2.css
www.painaidii.com/tpl/ 152 KB
20 KB 377ms
375ms Stylesheet
text/css 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/style2.css
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 098661857adffa540f490014f7f6bcea498550bdf7aca1fc9074d374e5e3af9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Oct 2021 06:13:04 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e34230-25fd2-5cf4f7cae13dd"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 20228

GET
H/1.1 200
OK tinybox.css
www.painaidii.com/tpl/ 1 KB
779 B 367ms
366ms Stylesheet
text/css 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/tinybox.css
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e24fdb0d1402261ad8c04b71ab05c93178ead5a10f7ac70e24e5302eb1149959

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2014 04:51:34 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25a4-432-4f128cfd0763b"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 430

GET
H/1.1 200
OK tinybox.js Show response
www.painaidii.com/tpl/ 5 KB
2 KB 367ms
366ms Script
text/javascript 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/tinybox.js
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d836f0f435dde8a7b0e20ffe39298d69110e92dfd512cf82e141bdccb7e80c5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2014 04:51:34 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25ae-156a-4f128cfcb55ab"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 1974

GET
H/1.1 200
OK jquery-latest.js Show response
www.painaidii.com/tpl/js/ 92 KB
33 KB 538ms
195ms Script
text/javascript 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/js/jquery-latest.js
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Nov 2012 02:48:10 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e372f0-16eac-4cdf2dd9aee32"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 33140

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.14/ 197 KB
198 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.14/jquery-ui.min.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:08:43 GMT
x-content-type-options: nosniff
age: 68907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201658
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Nov 2022 12:08:43 GMT

GET
H/1.1 200
OK close-button.png
www.painaidii.com/tpl/images/add-new/ 1 KB
2 KB 185ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/add-new/close-button.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 958705c19cc9cc6a1e4716ffc29d685efcdc864708c862443f7b8eced538945b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Last-Modified: Fri, 01 Jun 2012 06:57:32 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1ea0035-5dd-4c163b2c76122"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 1501

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 54ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7948434009836314

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ba62b7cf2ea5eae058ad7d7f055830a6ff4985ad79f439cd075ce755c652010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.painaidii.com/
Origin: http://www.painaidii.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51182
x-xss-protection: 0
server: cafe
etag: 10648801614111002115
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1056 / 964 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H2 200 45c8787627.js Show response
use.fontawesome.com/ 9 KB
4 KB 232ms
215ms Script
text/javascript 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/45c8787627.js
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8252b1ef963737d43d1a47e8891e102fe593081e8222d7a52391b1c2fd60e830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C4YK4Q1ART8YVHZF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: YcffQd0oLSfLNDeg+Nh4ahJSHPgLuagREFaUtflmiZwYyWKDrw/x8e6ziW0gPtNpjF9dGJH2AOI=
last-modified: Wed, 30 Jun 2021 18:49:35 GMT
server: cloudflare
etag: W/"ed3c427bcba727ee42f405e57cc20440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=offYU7XjN2n3vShBoiYnuB9Xgtn3FFtZ5I4kUH19LSw3BJ3ebCkqzGqF5Fe8fAiI2AA5eykGeRG1WFyroHu6SjcOUUAoU6%2BpZfNjaJEEU4V8F0YEnktnKFl4zAt5FaqEAQFDulHWmXUqs1tfI2cpO4sN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 6b499347dd146951-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 44ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/364/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1056 / 417 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H2 200 prebid.js Show response
anymind360.com/js/ 418 KB
131 KB 15ms
6ms Script
application/javascript 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/364/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5924f9185dc4aab39c1e44a8b067d4d47111034e7df89ce1f82f6bf30567e5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
age: 82054
x-guploader-uploadid: ADPycdsfLlTLCSC7hnRTyMcUpcI6NP5K7nhhOoUJH4B_RUs7DAVeO5lhnxL6y5JgUopDLLVkS-6-awMyOdlNfXInh4A
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 133600
x-served-by: cache-tyo11961-TYO, cache-fra19153-FRA
access-control-allow-origin: *
expires: Fri, 26 Nov 2021 08:29:37 GMT
last-modified: Wed, 20 Oct 2021 08:29:32 GMT
server: UploadServer
x-timer: S1637997431.276837,VS0,VE0
etag: "37409290c04d4b14cb61a25163740b19"
vary: Accept-Encoding
x-goog-hash: crc32c=3ETR+Q==, md5=N0CSkMBNSxTLYaJRY3QLGQ==
x-goog-generation: 1634718572010406
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 133600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 35805, 8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 81 KB
27 KB 69ms
50ms Script
application/javascript 95.100.146.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/364/ats.js
Protocol: HTTP/1.1
Server: 95.100.146.50 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-50.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c877a8f5fa35d65bad6a1e177a1b733c7da89e57fddd60f137e035855dc9e9eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 27550
Expires: Sat, 27 Nov 2021 07:32:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: hVhwy2DinT2w81sLytVPfieY2oElX2mPv6N70MQCTUfgBYQH0dAFa2aeA8lAyiHng1Y+Da5+1uvpdYwXizqKsQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Nov 2021 07:17:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK logo.png
www.painaidii.com/tpl/images/ 16 KB
16 KB 191ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/logo.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f3034c200bf9012fb72a8438ff25390a5cf3c278bc60050f29392a958895a80d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Last-Modified: Fri, 20 Jun 2014 09:40:31 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e224a6-3f09-4fc4148d29ce9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 16137

GET
H/1.1 200
OK th-go.png
www.painaidii.com/tpl/images/ 5 KB
5 KB 191ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/th-go.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: beb14a737c516b807d2071f0aa40327f45f251a47f31c20b1e7d91f69560acd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21bfc-12fe-4b5c439601227"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4862

GET
H/1.1 200
OK th.png
www.painaidii.com/tpl/images/ 1 KB
1 KB 191ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/th.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 45616de31b0b642875a8dd98825589888b21ae1dc5bf66389c67777677d0af18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c03-4aa-4b5c439601227"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 1194

GET
H/1.1 200
OK en.png
www.painaidii.com/tpl/images/ 1 KB
2 KB 352ms
185ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/en.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5d54798969f4d935fb489dfdfbdc570a52b1eab39e46c7fde7ff64b87f797557

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21bf2-583-4b5c439600a57"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 1411

GET
H/1.1 200
OK go.png
www.painaidii.com/tpl/images/ 3 KB
3 KB 521ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/go.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 548c69024004800ab3d9461a7ce797b8bdf0a7deea758a0ebfc019a1626c1ffa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21cbb-c95-4b5c439614e8f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 3221

GET
H/1.1 200
OK 4633-travel-FlowerFarm.jpg
ads.painaidii.com/images/ 189 KB
190 KB 933ms
365ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.painaidii.com/images/4633-travel-FlowerFarm.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 29603acf635d6bcdb8f8cc3b6ee362f3629bed9f635c4614f58c6599b7b5496f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 18 Nov 2021 08:47:48 GMT
Server: nginx/1.10.2
ETag: "61961334-2f56c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 193900
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 4393-eat-ChanCafeNiceView3.jpg
ads.painaidii.com/images/ 148 KB
149 KB 391ms
380ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4393-eat-ChanCafeNiceView3.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: ed15100e0f4a835eefb32d7bf275a17fdeaa4eefff5e412108b944e6b59f40bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Tue, 07 Jul 2020 07:40:28 GMT
Server: nginx/1.10.2
ETag: "5f0426ec-25185"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151941
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 3928-eat-ThaiDessertCafe.jpg
ads.painaidii.com/images/ 171 KB
172 KB 938ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.painaidii.com/images/3928-eat-ThaiDessertCafe.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: de1c6683fb6aa8c0d5dec9a1bb3d24ec3841dc0debcde3964e31e87bbcff7c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Tue, 23 Nov 2021 05:22:21 GMT
Server: nginx/1.10.2
ETag: "619c7a8d-2ad2d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175405
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 3308.jpg
www.painaidii.com/tpl/images/cover/ 326 KB
327 KB 489ms
184ms Image
image/jpeg 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/cover/3308.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eafa628bbd5d1388123d3dd5aac44bd83c8db3c48523f5b8f3f6cceabc47c412

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 28 Jun 2018 08:30:45 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "30e0faf-5199d-56faf8c2fca78"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 334237

GET
H/1.1 200
OK 4617-hotel-WinterKhaoyai.jpg
ads.painaidii.com/images/ 146 KB
147 KB 943ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.painaidii.com/images/4617-hotel-WinterKhaoyai.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 65c7f2b5d24d28a2b4d1aad3fe135f49326b2b4151ec7d3f0471627a2b673866

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Fri, 15 Oct 2021 10:15:36 GMT
Server: nginx/1.10.2
ETag: "616954c8-249e0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149984
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK PhitsanulokHotelNearRiver.jpg
ads.painaidii.com/images/ 159 KB
159 KB 388ms
387ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/PhitsanulokHotelNearRiver.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 3e06ee9aedeeac0cf2d86184c7fd07fa3fdb0f12cbce22e2dff608d0b6bf843b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 04 Apr 2019 09:24:03 GMT
Server: nginx/1.10.2
ETag: "5ca5cd33-27b3b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 162619
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 20191212_3_1576148401_551203_m.jpg
img.painaidii.com/images/ 35 KB
36 KB 390ms
365ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20191212_3_1576148401_551203_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: b5982308ef0aef7cd0587ad4c040123510cf76a33bfead29fc702f63a58e43fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Fri, 08 Oct 2021 09:16:23 GMT
Server: nginx/1.10.2
ETag: "61600c67-8dcc"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36300
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 4322-hotel-MomotaroResort.jpg
ads.painaidii.com/images/ 233 KB
233 KB 366ms
365ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4322-hotel-MomotaroResort.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 2a45a324ec3823b7d14a0912a3b7ade3178c71c983287abae4d6f4391b2551af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 23 Jan 2020 01:53:38 GMT
Server: nginx/1.10.2
ETag: "5e28fca2-3a2d9"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238297
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 20180523_3_1527051150_463760_m.jpg
img.painaidii.com/images/ 40 KB
40 KB 385ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20180523_3_1527051150_463760_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 2001033e0bef7b81b3d5cb35840510b8b49974fe99b50d0b388e9b3f01b70dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Fri, 05 Nov 2021 03:09:40 GMT
Server: nginx/1.10.2
ETag: "6184a074-9f5c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40796
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 1819-hotel-patthalung.jpg
ads.painaidii.com/images/ 70 KB
70 KB 365ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/1819-hotel-patthalung.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: bd85ade60a12a293e444d14028a076bf1ee0d7dccba6b2e7c287d1222e520e5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Tue, 29 Jan 2019 04:50:39 GMT
Server: nginx/1.10.2
ETag: "5c4fdb9f-117a2"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71586
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK GuideNakhonPhanom.jpg
ads.painaidii.com/images/ 88 KB
89 KB 365ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/GuideNakhonPhanom.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: b70ef49751b1599d428e460404ffcf1325e89596c212a29b230714a6fa5de0a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Tue, 04 Sep 2018 10:27:59 GMT
Server: nginx/1.10.2
ETag: "5b8e5e2f-16181"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90497
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 492-hotel-petchaboon.jpg
ads.painaidii.com/images/ 125 KB
126 KB 365ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/492-hotel-petchaboon.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 6cfc778f9710d90547c8f4ca54e3e7efda19d1962058da1d0654ed3b8e0a9ad6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 24 Jan 2019 03:58:09 GMT
Server: nginx/1.10.2
ETag: "5c4937d1-1f4cc"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128204
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 20200821_4695_1597974366_661036.jpg
img.painaidii.com/images/ 595 KB
595 KB 365ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20200821_4695_1597974366_661036.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 3bd088e53350ab168664f3877fc41aae4fc607d98c0a38d03847c4aceaf7e6fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Fri, 21 Aug 2020 01:46:07 GMT
Server: nginx/1.10.2
ETag: "5f3f275f-94a57"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 608855
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 20201119_8176_1605764934_916981.jpg
img.painaidii.com/images/ 593 KB
594 KB 364ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20201119_8176_1605764934_916981.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 143136b1bc137a7ca9da7fcc273ce8307c3ab7ed1c2aff3fa7ba26f15ee3cd04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 19 Nov 2020 05:48:55 GMT
Server: nginx/1.10.2
ETag: "5fb60747-945ff"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 607743
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 20210916_6_1631764933_809021.jpg
img.painaidii.com/images/ 657 KB
657 KB 365ms
364ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210916_6_1631764933_809021.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: be0f09525f60408d43c30b1a30f0ae97209dad9fd47c6cd27e73c2129994ebcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 16 Sep 2021 04:02:14 GMT
Server: nginx/1.10.2
ETag: "6142c1c6-a43a2"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 672674
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 4247-eat-skyview.jpg
ads.painaidii.com/images/ 187 KB
187 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4247-eat-skyview.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 1d46e501ffa513fb4621f82c60a9ab465cd2e14d3e4fe4bde506e8cbeaafbd60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Tue, 17 Sep 2019 07:11:09 GMT
Server: nginx/1.10.2
ETag: "5d80870d-2eb64"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191332
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 4278-eat-cedar.jpg
ads.painaidii.com/images/ 211 KB
211 KB 184ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4278-eat-cedar.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 840cb772e485aff7d999a32fa9a57853c1f1bc1bef8d09cb485c708ad1c24fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Wed, 13 Nov 2019 02:02:15 GMT
Server: nginx/1.10.2
ETag: "5dcb6427-34bf5"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 216053
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 4318-eat-PhuWinCafemonjam.jpg
ads.painaidii.com/images/ 129 KB
130 KB 184ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4318-eat-PhuWinCafemonjam.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 5532263d9283500e65a10801d02fcfc2e236d1b8a52ac47d89b8ad6c15022aff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Fri, 17 Jan 2020 04:52:07 GMT
Server: nginx/1.10.2
ETag: "5e213d77-20545"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132421
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 1818-eat-phatthalung.jpg
ads.painaidii.com/images/ 71 KB
71 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/1818-eat-phatthalung.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: ee66fe9aa6fee1805d6f05f32b119ff7d95a81b9d2e8d0c665ab143f27092319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 24 Jan 2019 03:44:13 GMT
Server: nginx/1.10.2
ETag: "5c49348d-11ab1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72369
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 1737-eat-nakhonpanom.jpg
ads.painaidii.com/images/ 65 KB
65 KB 185ms
184ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/1737-eat-nakhonpanom.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: e5685a906ac5a9cb02a04e6880f0f02c6598b5ec4b23e94d11cc7126df49d311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 24 Jan 2019 04:28:36 GMT
Server: nginx/1.10.2
ETag: "5c493ef4-10407"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66567
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 489-eat-petchabun.jpg
ads.painaidii.com/images/ 79 KB
79 KB 288ms
288ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/489-eat-petchabun.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 438f59f80dc0b331ab05fc7b36c4a41744974cc8250b1cc0eebcdfd1cd6add93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 24 Jan 2019 03:41:49 GMT
Server: nginx/1.10.2
ETag: "5c4933fd-13b9b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80795
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 20210310_4695_1615354772_145647.jpg
img.painaidii.com/images/ 390 KB
390 KB 365ms
363ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210310_4695_1615354772_145647.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 41acebc920d3c0e101add5612a7e4cbd42cce1f93f4914d6c44e6c673f22671b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Wed, 10 Mar 2021 05:39:32 GMT
Server: nginx/1.10.2
ETag: "60485b94-617ef"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 399343
Expires: Mon, 27 Dec 2021 07:17:09 GMT

GET
H/1.1 200
OK 20200814_4695_1597370266_972690.jpg
img.painaidii.com/images/ 541 KB
542 KB 184ms
184ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20200814_4695_1597370266_972690.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 431180841d460f3bd471229575322405ee03a0df21e3ec058182c314ed67956d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Fri, 14 Aug 2020 01:57:47 GMT
Server: nginx/1.10.2
ETag: "5f35ef9b-87561"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 554337
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 20201117_8176_1605577742_423479.jpg
img.painaidii.com/images/ 484 KB
484 KB 184ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20201117_8176_1605577742_423479.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: e8e048884543f0724e4da94d652fde11e91f4b4ef120cfbcf957ed3677747356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Tue, 17 Nov 2020 01:49:02 GMT
Server: nginx/1.10.2
ETag: "5fb32c0e-78e2a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 495146
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 20180122_3_1516609649_646041_m.jpg
img.painaidii.com/images/ 46 KB
46 KB 185ms
185ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20180122_3_1516609649_646041_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: effb62b6b7b49a86a711b12d0b59d0d622f5598663c54e86e6e2e2ce29a5f4ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Wed, 07 Mar 2018 04:59:48 GMT
Server: nginx/1.10.2
ETag: "5a9f71c4-b880"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47232
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 20211008_3_1633685622_130155_m.jpg
img.painaidii.com/images/ 37 KB
37 KB 184ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20211008_3_1633685622_130155_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 38278648216afa0d41c21b1e213dc214edb0f68f3b6f3e0d3a1b2b49e73b3125

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Fri, 08 Oct 2021 09:33:52 GMT
Server: nginx/1.10.2
ETag: "61601080-9229"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37417
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 20151125_3_1448422975_890059_m.jpg
img.painaidii.com/images/ 52 KB
53 KB 184ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20151125_3_1448422975_890059_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 77b6c431a9dceadb75a70975f5049a287f5a5c0315511cf819d697812c624b78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Fri, 08 Oct 2021 09:30:20 GMT
Server: nginx/1.10.2
ETag: "61600fac-d1b6"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53686
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 1741-travel-nakonphanom.jpg
ads.painaidii.com/images/ 107 KB
108 KB 182ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/1741-travel-nakonphanom.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: fb9dc03848c094d1766355c11efd8d191fff0723ee1238a710a89443948a4447

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 24 Jan 2019 03:41:51 GMT
Server: nginx/1.10.2
ETag: "5c4933ff-1ad0a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109834
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 1119-travel-phattalung.jpg
ads.painaidii.com/images/ 78 KB
79 KB 192ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/1119-travel-phattalung.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 8f6cfefa5d1d62adc5214392457d0828eaf243f153d299a306341786606a8452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 24 Jan 2019 03:41:49 GMT
Server: nginx/1.10.2
ETag: "5c4933fd-13942"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80194
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK PetchaboonTravel.jpg
ads.painaidii.com/images/ 72 KB
73 KB 183ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/PetchaboonTravel.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 2c1e2f82ef450a572ec5ff80b7337a95a52b535b68cce8f17eec813e23b8f5ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 17 Jan 2019 02:48:21 GMT
Server: nginx/1.10.2
ETag: "5c3fecf5-12154"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74068
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 20200206_3_1580989494_123625_m.jpg
img.painaidii.com/images/ 56 KB
56 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20200206_3_1580989494_123625_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: fac9f6e48a7939afe4bf02b4008a4faf79dcd1677093a2a9454433b0a8373098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Fri, 08 Oct 2021 09:43:03 GMT
Server: nginx/1.10.2
ETag: "616012a7-e00f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57359
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK 4268-travel-danangvietnam.jpg
ads.painaidii.com/images/ 108 KB
108 KB 185ms
184ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4268-travel-danangvietnam.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: dbc202af2676cfd32d75e24f188f68e25a607e5da3c0d98f21508965cc64ff7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Mon, 21 Oct 2019 07:13:42 GMT
Server: nginx/1.10.2
ETag: "5dad5aa6-1b063"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110691
Expires: Mon, 27 Dec 2021 07:17:10 GMT

GET
H/1.1 200
OK winterjapan.jpg
ads.painaidii.com/images/ 296 KB
297 KB 185ms
184ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/winterjapan.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 6258f5106284ca5105628c1a6dddbae1193a9a9de82f4171e7450ed5f5c5c936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Fri, 19 Oct 2018 01:51:35 GMT
Server: nginx/1.10.2
ETag: "5bc938a7-4a17f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303487
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20210319_8176_1616127945_786444.jpg
img.painaidii.com/images/ 389 KB
389 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210319_8176_1616127945_786444.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 2c1d96cc501055ad47555754e1397050b5db776a325decc0fed5126c14a0ca31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Fri, 19 Mar 2021 04:25:45 GMT
Server: nginx/1.10.2
ETag: "605427c9-612ab"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 397995
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20210423_8176_1619149517_607439.jpg
img.painaidii.com/images/ 755 KB
756 KB 183ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210423_8176_1619149517_607439.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 46367047a37672fe90a380ea318ad24c399708bbb0d792a936707075242fcb4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Fri, 23 Apr 2021 03:45:18 GMT
Server: nginx/1.10.2
ETag: "608242ce-bcd40"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 773440
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20200401_8176_1585714176_787351.jpg
img.painaidii.com/images/ 366 KB
366 KB 184ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20200401_8176_1585714176_787351.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 9446f687275f7e0f981abaffd505758e7beba3d4a4931acc00c8c96fd3f5b8a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 01 Apr 2020 04:09:36 GMT
Server: nginx/1.10.2
ETag: "5e841400-5b659"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 374361
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 4475-travel-UnclegreenshirtBaannokkoknakhaoyai.jpg
ads.painaidii.com/images/ 202 KB
203 KB 187ms
187ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4475-travel-UnclegreenshirtBaannokkoknakhaoyai.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 6216fa3d169b24872755b6c35527787345eadb4d6ff45b5644db8e52ae72ec8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 18 Mar 2021 11:01:12 GMT
Server: nginx/1.10.2
ETag: "605332f8-328e7"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207079
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 4473-travel-UnclegreenshirtBuengKanNakhonPhanomSakonNakhon.jpg
ads.painaidii.com/images/ 202 KB
203 KB 184ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.painaidii.com/images/4473-travel-UnclegreenshirtBuengKanNakhonPhanomSakonNakhon.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: c72a4a5bfc954189d25783493e889ebd545aab165bfb40e4fc2437b02b1862bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 18 Mar 2021 10:09:35 GMT
Server: nginx/1.10.2
ETag: "605326df-3299a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207258
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20171123_3_1511400315_876276_m.jpg
img.painaidii.com/images/ 43 KB
43 KB 184ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20171123_3_1511400315_876276_m.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 6d7ef2bd3e7243212012214e03bb9e5312dda63e37b0998adb76589c02612940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 23 Nov 2017 01:31:22 GMT
Server: nginx/1.10.2
ETag: "5a1624ea-ab6f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43887
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20210916_18_1631784558_385975_t.jpg
img.painaidii.com/images/ 26 KB
26 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210916_18_1631784558_385975_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 3160bd2ad91c0d73fcdf31d96ddbdf04a9cecd5d16620558776e563f5b5c0372

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 16 Sep 2021 09:29:18 GMT
Server: nginx/1.10.2
ETag: "61430e6e-66b3"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26291
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 1679091c5a880faf6fb5e6087eb1b2dc_t.jpg
img.painaidii.com/avatar/ 11 KB
11 KB 182ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/avatar/1679091c5a880faf6fb5e6087eb1b2dc_t.jpg?t=1637997422
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 1b424110a4c901364d8f14d9c059274f8e2b3ddc4b64160972c072def01b50a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 20 Jun 2012 13:10:04 GMT
Server: nginx/1.10.2
ETag: "4fe1cbac-2ade"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10974
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20150114_16170_1421225580_163506_t.jpg
img.painaidii.com/images/ 22 KB
22 KB 182ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20150114_16170_1421225580_163506_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 2bd07162cc794e05de369f2195e456105cf3746b4e7ff67b90fbd3da57844f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 14 Jan 2015 08:53:00 GMT
Server: nginx/1.10.2
ETag: "54b62e6c-5706"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22278
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20150401_3_1427858996_703851_t.jpg
img.painaidii.com/images/ 22 KB
23 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20150401_3_1427858996_703851_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: ad767ed28805e2af8ecb91f9c37923dfc59ca75bb7f84228181ad4735a9cd064

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 01 Apr 2015 03:29:57 GMT
Server: nginx/1.10.2
ETag: "551b6635-59ff"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23039
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20211027_4695_1635305043_956103_t.jpg
img.painaidii.com/images/ 21 KB
22 KB 182ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20211027_4695_1635305043_956103_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: c4379c2f6961baf3aef6fa79e91ff5303c61f3d1e989b71ad84437b7d46f3b0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 27 Oct 2021 03:24:04 GMT
Server: nginx/1.10.2
ETag: "6178c654-54ba"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21690
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 5034a5d62f91942d2a7aeaf527dfe111_t.jpg
img.painaidii.com/avatar/ 49 KB
49 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/avatar/5034a5d62f91942d2a7aeaf527dfe111_t.jpg?t=1637997422
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 8bd93fbb8d5f5f1155ffcb314200ffb7b8f1f53734ccee28f0f4e42a546220a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 07 Nov 2012 07:51:01 GMT
Server: nginx/1.10.2
ETag: "509a12e5-c2c8"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49864
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20201007_8176_1602046287_103755_t.jpg
img.painaidii.com/images/ 28 KB
28 KB 183ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20201007_8176_1602046287_103755_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 7854840da7b3541cabd59f9d2ec832579cc042199f78295740902f75b95c7d3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 07 Oct 2020 04:51:27 GMT
Server: nginx/1.10.2
ETag: "5f7d494f-6ec0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28352
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK a894b83c9b7a00dba6c52cecf7a31fbb_t.jpg
img.painaidii.com/avatar/ 2 KB
3 KB 183ms
183ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/avatar/a894b83c9b7a00dba6c52cecf7a31fbb_t.jpg?t=1637997422
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: d381b2e7b9510690c08037c1a08202f153212e6375d21f88d8df266c99a29dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 08 Nov 2012 09:39:52 GMT
Server: nginx/1.10.2
ETag: "509b7de8-9ab"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2475
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20210908_18_1631068132_44825_t.jpg
img.painaidii.com/images/ 18 KB
18 KB 182ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210908_18_1631068132_44825_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: e640d4c28511f0c940ece453fbaabfd20c35c8c1d704899119f17c233b99e839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 08 Sep 2021 02:28:52 GMT
Server: nginx/1.10.2
ETag: "61381fe4-4633"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17971
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20210920_8176_1632118911_779550_t.jpg
img.painaidii.com/images/ 24 KB
25 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20210920_8176_1632118911_779550_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: d6655b41cbbcf5e8a7b3a4cc56375c9bfc3e1fdb7acb76011eccfd72bdd2ae3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Mon, 20 Sep 2021 06:21:52 GMT
Server: nginx/1.10.2
ETag: "61482880-60b4"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24756
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK 20170426_4695_1493174593_906133_t.jpg
img.painaidii.com/images/ 23 KB
23 KB 183ms
182ms Image
image/jpeg 103.7.59.33
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.painaidii.com/images/20170426_4695_1493174593_906133_t.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.7.59.33 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: 103-7-59-33.ptr.pop-idc.com
Software: nginx/1.10.2 /
Resource Hash: 61aa9cf66c7c78fc66cfa266ba3a323c6c44b05e1dd47c70c14f2ed94fcd37c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Wed, 26 Apr 2017 02:43:14 GMT
Server: nginx/1.10.2
ETag: "59000942-5a7d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23165
Expires: Mon, 27 Dec 2021 07:17:11 GMT

GET
H/1.1 200
OK footer-logo.png
www.painaidii.com/tpl/images/ 6 KB
6 KB 184ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/footer-logo.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 198e66ce272aa629cb485c6c9019b5290f6aedca8e6e238dd63cb657df4ed7fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:10 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c56-1779-4b5c43960d577"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 6009

GET
H/1.1 200
OK t0030437.js Show response
hits.truehits.in.th/data/ 8 KB
8 KB 1253ms
465ms Script
application/x-javascript 203.151.144.224
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: http://hits.truehits.in.th/data/t0030437.js
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 203.151.144.224 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 224.144.151.203.sta.inet.co.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c43f9ab86a22ba17a49c5acc65beff5a768fdfd784275eacd8c47edd0850a4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:12 GMT
Last-Modified: Sat, 27 Nov 2021 07:17:00 GMT
Server: nginx/1.14.0 (Ubuntu)
P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control: max-age=180
Connection: close
Content-Type: application/x-javascript
Content-Length: 7802
Expires: Sat, 27 Nov 2021 7:20:12 GMT

GET
H2 200 45c8787627.css
use.fontawesome.com/ 1 KB
761 B 212ms
210ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/45c8787627.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/45c8787627.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a718024dcfd273fc06968e7184ec4397ee7dd32b7c6920c35560b60ba3b963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: APAGRACVCWHGGNBJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: CmoC0EItqNq5CAIEBCr2YHUP49uSKFlU+qVNBJvCiQNHUwYcWY8LPVgs1UDk34mPIQ89CKfC0NE=
last-modified: Wed, 30 Jun 2021 18:49:35 GMT
server: cloudflare
etag: W/"1bd454c42fddaa41d1474a2b222bacd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mqhIdciws3WlU0dVmsWuNZ0gwanzRFqNsKn6KvJzarXTQl6Tk6GiJpcQ4z3RQSVe9AO6QayYetqmkppJc7GZM1HgYe0IGLOG2hd2lUCdzKBQDTIYvk9uw%2FCyIb9YHtCCURD7rG1o6OvHy3lZR%2F4Yxc1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6b4993497fe86951-FRA

GET
H3

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2b4c2a973b48d7563d75c13eeacb6e1cbaee7dc0128ff65428d624ade66626f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NXnU88sJPw/Jc85SJXEBJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: ZAZ7EWAdOhrV3xDUSe/4BXCLB1eBh+Z1EF/cCIcyhvCRKhIVCBClKTQxy4+wg0HJaPsjd8vDNkB8XrS/mrkEWw==
x-fb-content-md5: b690f669ac9602f3119717497df00d0c
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3ea9608aacff759b24cbe859a4d11e10"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 27 Nov 2021 07:34:45 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg.png
www.painaidii.com/tpl/images/ 1 KB
1 KB 352ms
185ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/bg.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c9bd909b4b17a7d10bcbd6780736f50e958a38f903ee10ac2493b481455bd34a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c30-430-4b5c439604cbf"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 1072

GET
H/1.1 200
OK input-text.png
www.painaidii.com/tpl/images/ 1 KB
1 KB 252ms
251ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/input-text.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1ffc4b5420ad43e8b7beebfcea12547f25ccf41617d089962699a15cc4b385b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c6f-4ae-4b5c43960e130"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 1198

GET
H/1.1 200
OK nav.png
www.painaidii.com/tpl/images/ 2 KB
2 KB 436ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/nav.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a2f5c4b5fcbf50f2ef205d84409248dd892bc2be5a0a043dbe76f61ea9c50cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21cd3-6bd-4b5c439615a48"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 1725

GET
H/1.1 200
OK main-menu-active.png
www.painaidii.com/tpl/images/ 3 KB
4 KB 333ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/main-menu-active.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ba0dabef4c53b96e7fdbcb6d5b6b1b21c88175cb7c210e9641545cb0ebb47e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21bed-d7b-4b5c439600670"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 3451

GET
H/1.1 200
OK rsu_bold-webfont.woff
www.painaidii.com/tpl/ 40 KB
40 KB 187ms
186ms Font
application/octet-stream 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.painaidii.com/tpl/rsu_bold-webfont.woff
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8775ec6e00700868e019b7b475e45d3eb876088026975992f42aee2672b0092a

Request headers

Referer: http://www.painaidii.com/tpl/style.css
Origin: http://www.painaidii.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21a5f-9f90-4b5c4395c551f"
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 40709

GET
H/1.1 200
OK nav-1.jpg
www.painaidii.com/tpl/images/ 24 KB
24 KB 507ms
184ms Image
image/jpeg 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/nav-1.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fa083d87572cc8aee44a91f707596e822cecc879457487518ec7b8159059cc3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:09 GMT
Last-Modified: Thu, 30 Jan 2014 04:50:18 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25ab-5f4e-4f128cb481f4f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 24398

GET
H/1.1 200
OK nav-8.jpg
www.painaidii.com/tpl/images/ 27 KB
27 KB 184ms
184ms Image
image/jpeg 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/nav-8.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e354deac9bfe8f97695d2bea2c371d512c9868f0171f4864eab07f0d9163de20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 30 Jan 2014 04:50:18 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25ad-6a3f-4f128cb4ebacf"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 27199

GET
H/1.1 200
OK nav-3.jpg
www.painaidii.com/tpl/images/ 27 KB
27 KB 185ms
185ms Image
image/jpeg 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/nav-3.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f2a316ba543b2a6c2498ee50399c9bd707fa154a98910698571dfc419bb650b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 30 Jan 2014 04:50:15 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25a6-6c0d-4f128cb1da095"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 27661

GET
H/1.1 200
OK nav-2.jpg
www.painaidii.com/tpl/images/ 27 KB
27 KB 290ms
289ms Image
image/jpeg 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/nav-2.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bd5ca6295e1febb6987805c2a6e228c955f26ee9f6074c9e8d2fbb46872ff02a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 30 Jan 2014 04:50:18 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25ac-6b99-4f128cb4ca7a1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 27545

GET
H/1.1 200
OK nav-4.jpg
www.painaidii.com/tpl/images/ 27 KB
27 KB 184ms
184ms Image
image/jpeg 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/nav-4.jpg
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 87c58744ba5bd68bc8258f69ffc6873421553bf5bfd782374cdc52745ed1b98d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 30 Jan 2014 04:50:16 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "21c25a7-6a5a-4f128cb2ef9ca"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 27226

GET
H/1.1 200
OK rating-1.png
www.painaidii.com/tpl/images/ 1 KB
2 KB 185ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/rating-1.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b55d6c48d818bf6e4b83de21a8d774c8a8b93b8b22d70aefd0d586933c3552d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c06-4fc-4b5c439601227"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 1276

GET
H/1.1 200
OK rating-2.png
www.painaidii.com/tpl/images/ 1 KB
2 KB 186ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/rating-2.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 472ce72cf20d398954550403e103d2b001342391a817b3fac71060f50a8e65a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c8c-552-4b5c43961277f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 1362

GET
H/1.1 200
OK rating-3.png
www.painaidii.com/tpl/images/ 1 KB
1 KB 184ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/rating-3.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a39d2c369ab32c5a20387fd7a171952fd90ad78f078e0fbc6213e8ae735505cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21bbe-494-4b5c4395f6a30"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 1172

GET
H/1.1 200
OK rating-4.png
www.painaidii.com/tpl/images/ 1 KB
1 KB 184ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/rating-4.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7687d34da2d728e629fc1c684e4b6d147882c1b9898374ac0df02210b887fd60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Thu, 05 Jan 2012 09:04:47 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21aaf-4da-4b5c4395d56ef"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 1242

GET
H3 200 899264006862441 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 184ms
175ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/899264006862441?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f21dd856ad848baa852b82407f08f545aa73483b22880174cd941635448390e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: i0K6IYfdnENHZSTlQA4K9qeGgzpHrG2EinZCxhNo+fjCiz3V5VZ3QgmjAQEmcVXBn18AKx6AtY4oTCObs4VKNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 71ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.painaidii.com%2F&domain=www.painaidii.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://www.painaidii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: http://www.painaidii.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1550
date: Sat, 27 Nov 2021 07:17:10 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
964 B 40ms
15ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9
content-type: application/javascript
x-amz-request-id: tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2: tx20fcbba173164c66b29ed-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Bc%2Fr1w1ZTe7bXr%2BtUpp7ZMSHcfTEaDwEMhCZyBC78Xq84WZ9P2rWfahSNkOXUx6RsmlNHTzvySyi6Ljini5aCBXj70qM%2FOwMfHbPD5ZtS6a4VJkfPRKQoxkJgxQR4xB742x0miqnxvilM9q"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1637227780937425
cache-control: public, max-age=1800
cf-ray: 6b49934a4c1d432d-FRA
expires: Sat, 27 Nov 2021 07:47:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.painaidii.com%2F&domain=www.painaidii.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=ZB5KDHxQbEtnU2grQXo5eUNtZ2czTTl6d2cyU0dzdENLa2lPd2Y3Q1FkVUx0YU1SeW44NkJyYTJmbmJ0MTJpUHAvNXlYb09NSVlVTmdsd0JtbktBSlpvZVlaeDlSNjJmQ0J5REtnazBZd25GYm9ld2taNW5BM1dQVHg4ZW...

337 B
597 B

46ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZB5KDHxQbEtnU2grQXo5eUNtZ2czTTl6d2cyU0dzdENLa2lPd2Y3Q1FkVUx0YU1SeW44NkJyYTJmbmJ0MTJpUHAvNXlYb09NSVlVTmdsd0JtbktBSlpvZVlaeDlSNjJmQ0J5REtnazBZd25GYm9ld2taNW5BM1dQVHg4ZWUxMVo3cEQ2OGxaN2VLRUlBQjZKbitSSE4xeS90Y1M3Qlhqek1SeXRxb3g1Zm9wUlJtQW93akF2dS9NUXVHbXVaVnQ1MGlVMVZTUm0zK2tNT3dPTStueWs0QlpKNCtGdlF3d21RN1VMZEwvSVc0dmNUWVc5enprMkg4c2RUcnA3S1I0UTg3MzMvfA&cppv=2

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9d59fda8938030dbf3261e9c9fc268ffeacf6e858844818ab944957586597753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 27 Nov 2021 07:17:11 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2357
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 27 Nov 2021 07:17:11 GMT
location: https://mug.criteo.com/sid?cpp=ZB5KDHxQbEtnU2grQXo5eUNtZ2czTTl6d2cyU0dzdENLa2lPd2Y3Q1FkVUx0YU1SeW44NkJyYTJmbmJ0MTJpUHAvNXlYb09NSVlVTmdsd0JtbktBSlpvZVlaeDlSNjJmQ0J5REtnazBZd25GYm9ld2taNW5BM1dQVHg4ZWUxMVo3cEQ2OGxaN2VLRUlBQjZKbitSSE4xeS90Y1M3Qlhqek1SeXRxb3g1Zm9wUlJtQW93akF2dS9NUXVHbXVaVnQ1MGlVMVZTUm0zK2tNT3dPTStueWs0QlpKNCtGdlF3d21RN1VMZEwvSVc0dmNUWVc5enprMkg4c2RUcnA3S1I0UTg3MzMvfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.painaidii.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1854
content-length: 509
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 153ms
108ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.painaidii.com
date: Sat, 27 Nov 2021 07:17:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 203ms
96ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=227652&zone_id=1871366&size_id=15&rp_schain=1.0,1!anymanager.io,364,1,,,&rf=http%3A%2F%2Fwww.painaidii.com%2F&tk_flint=pbjs_lite_v4.43.3&x_source.tid=dc2087c4-add2-4e74-ac72-275202a5179b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06105056582010637
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3d29738ea608cb3c37967362c94d2a17b4ea8c9fbe4e614825852c68aeb274f1

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:11 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.painaidii.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 104ms
26ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b5%3b90
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://www.painaidii.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
730 B 103ms
70ms XHR
application/json 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:11 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 63cf1287-7645-4784-8a56-9c47fa12174b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.painaidii.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
331 B 150ms
110ms XHR
application/json 104.96.135.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=398457&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229dc38a5d98dcf7%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.painaidii.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.3%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%22364%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221065c38cd8379e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398457%22%2C%22sid%22%3A%2221728728330%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.96.135.185 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-135-185.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b9b208a4b7656b211407c0cdb0236ee6b30b726f3c522302fd6e5ddfe912b75

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:11 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.25], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: http://www.painaidii.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 72 B
380 B 51ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.painaidii.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dc2087c4-add2-4e74-ac72-275202a5179b&nocache=1637997431388&schain=1.0%2C1!anymanager.io%2C364%2C1%2C%2C%2C&aus=300x250&divids=ats-insert_ads-1&aucs=&auid=541034967
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: ed6c57d0e48070220a277e03d2d1d02e3b98de6a7e9df5f8f43ebd04bc18c6e4

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://www.painaidii.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 58ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.3&cb=27990684203
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.painaidii.com
date: Sat, 27 Nov 2021 07:17:11 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK line-6.png
www.painaidii.com/tpl/images/ 8 KB
8 KB 184ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/line-6.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style2.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: aaeed0cf2c8cc6da36b073b836a0028ecf8f7566112c0f91acf56d94d2f21c3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Tue, 05 Jun 2012 02:10:17 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e3445f-2017-4c1b026e03eef"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 8215

GET
H/1.1 200
OK line-4.png
www.painaidii.com/tpl/images/ 3 KB
4 KB 184ms
184ms Image
image/png 103.246.17.188
POP-IDC-TH POPIDC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.painaidii.com/tpl/images/line-4.png
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/tpl/style.css
Protocol: HTTP/1.1
Server: 103.246.17.188 , Thailand, ASN131447 (POP-IDC-TH POPIDC powered by CSLoxinfo, TH),
Reverse DNS: www.painaidii.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a619f5ad484fe45755bcb39c171cdc39d9181d0223c036c52463eb618ac48576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/tpl/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Last-Modified: Tue, 05 Jun 2012 02:08:34 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1e21c21-dd0-4c1b020b9b4d5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 3536

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 32ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 141 B
131 B 32ms
15ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.painaidii.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bcbbc0569a5513af0d0e75cc75aabe34467584fd6bf0374fb76b4b52dfb76fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Sat, 27 Nov 2021 07:17:11 GMT

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 213 B
534 B 38ms
8ms XHR
application/json 51.89.21.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: http://ced.sascdn.com/tag/2060/smart.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p14.id5-sync.com

Software

Resource Hash

d815f51f45848a7e82cf69b2848e1c820cd5a54a06f043aebdbbdd6880a82e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.painaidii.com
Date: Sat, 27 Nov 2021 07:17:11 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

POST
H/1.1 200
OK call Show response
adnetwork.adasiaholdings.com/2060/ 2 B
441 B 333ms
332ms XHR
application/json 47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: http://adnetwork.adasiaholdings.com/2060/call
Requested by: Host: ced.sascdn.com
URL: http://ced.sascdn.com/tag/2060/smart.js
Protocol: HTTP/1.1
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://www.painaidii.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: http://www.painaidii.com
Cache-Control: no-cache,no-store
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8

OPTIONS
H/1.1 204
No Content call
adnetwork.adasiaholdings.com/2060/ Frame 0
0 433ms
328ms Preflight 47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: http://adnetwork.adasiaholdings.com/2060/call
Protocol: HTTP/1.1
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.painaidii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 27 Nov 2021 07:17:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,POST
Access-Control-Allow-Origin: http://www.painaidii.com

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7948434009836314&plah=www.painaidii.com&ama_t=adsense&asntp=100&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=0.9&asptt=0.8&easpi=true&asro=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7948434009836314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

326b49d52dc9b7e30d9645f4eec344b880d18d5c68b61d757df810c0549f469a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99583
x-xss-protection: 0
server: cafe
etag: 1458601600360902152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 8B80 11 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7948434009836314

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Nov 2021 06:55:30 GMT
expires: Sat, 11 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 1301
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 30ms
15ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769031
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx26efdfa46bf444e1ac927-0061961d59
x-amz-id-2: tx26efdfa46bf444e1ac927-0061961d59
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgbJeHjq%2B6wrcnuAmvWWIHpd40afwvkPxBcaZqFgxCPvFxDMsBX%2FCpX%2BkA9Rr66OrwlQBAyY2qegYqVnQSYnOqizbOgwaa3ViQafAl7niGJzYHFXrvHETE1ANoAUAYNnlM0uZHl8T2H9Psix"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1637227779984125
cf-ray: 6b49934abc5e5c85-FRA
access-control-allow-headers: Authorization

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 22ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/45c8787627.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/45c8787627.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12395388
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rP%2BFn7jZLfXYcSbS6qEvtqOSpDArtLRiJt70PBoyN7B7wCxcX1fytA15Ku389x7G32i0kRr9MdQD9K%2FFOWVdXjxqGODWrE91yKkm2CGYPNM5Y%2B22hhEahlrm370MamcRz%2BzNhvtFHe%2F%2Fh7Cx0y4ABVB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6b49934aef1d2b95-FRA

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 59ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1041
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 25ms
15ms Font
application/font-woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/45c8787627.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/45c8787627.css
Origin: http://www.painaidii.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12395353
cf-ray: 6b49934b2c701f55-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-amz-id-2: pkRNShLbFXhf6SeRgdxzEXWRQnoj03d5qcKktHdj0x0B1ebCRA5C1XBdHWfisusqq8G91/CwEUo=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyDU3J67yNRe4fX6YD51z6Fm9x0%2BfddgF6PwkRxtZmg9SO9i%2BtnrcWeyW8G8nO%2FceLuWRWlUgr7hMXHTdNExGKkhDE4qDWO%2Bc5AmxwyJVo2oFA254PfjSG9rEnlZoQiBtr8sMES8%2BlYhy1DDDS91A1%2Fx"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: ZQRZ1VCFMR4RRJQV
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
441 B 15ms
14ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.painaidii.com&callback=_gfp_s_&client=ca-pub-7948434009836314

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7948434009836314&plah=www.painaidii.com&ama_t=adsense&asntp=100&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=0.9&asptt=0.8&easpi=true&asro=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a92881eff31c009e106106aa43eef4c4c0116f8b9bc05c29b95e576bada5e949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 51ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.painaidii.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.painaidii.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05E5 26 KB
2 KB 93ms
79ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&adk=3211944677&adf=4012703082&lmt=1637997431&plat=3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.painaidii.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1637997431447&bpp=3&bdt=1212&idt=96&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4995198938443&frm=20&pv=2&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=108

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e6d04469573e215383d06d963322f8c71ff33a943a8c3263b0f2e9a0463667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 07:17:11 GMT
server: cafe
content-length: 1597
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:11 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-7948434009836314&c=14&e=44754314&n=0&p=0&t=0&w=772&x=4&eid=44754314%2C31063246

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
634 B 216ms
215ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=685718571544148&correlator=433207841897394&output=ldjh&impl=fifs&eid=31063812%2C31063246&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211127&iu_parts=21622890900%3A85513799%2CTH_painaidii.com_pc_article_anchor_728x90%2CTH_painaidii.com_res_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%2C1x1&ists=1&fas=0%2C8&eri=1&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=23&abxe=1&lmt=1637997431&dt=1637997431613&dlt=1637997430235&idt=1253&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9&adys=-9%2C-9&adks=837733861%2C886821197&ucis=1%7C2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.painaidii.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=false&fws=2%2C2&ohw=0%2C0&btvi=-1%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2996594ee4dd5cae621ed01577fee5737077adb004add5cd219692efed299e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.painaidii.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 231 KB
63 KB 1021ms
1021ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=685718571544148&correlator=433207841897394&output=ldjh&impl=fifs&eid=31063812%2C31063246&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211127&iu_parts=85513799%2CA1_Web_Leaderboard%2CB1_Web_Billboard%2CC1_Web_300x250%2CD1_Web_300x600%2CE1_Web_300x250%2CF1_Web_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C960x300%2C300x250%2C300x600%2C300x250%2C300x250&eri=1&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=23&abxe=1&lmt=1637997431&dt=1637997431616&dlt=1637997430235&idt=1253&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C320%2C960%2C940%2C342%2C960&adys=-9%2C159%2C530%2C4967%2C789%2C1048&adks=1255836222%2C3237864345%2C4121210095%2C4053682595%2C1824630438%2C2947140390&ucis=3%7C4%7C5%7C6%7C7%7C8&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.painaidii.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C960x300%7C300x250%7C340x0%7C300x250%7C300x250&msz=0x-1%7C960x-1%7C300x-1%7C340x0%7C300x-1%7C300x-1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=false&fws=2%2C4%2C4%2C0%2C4%2C4&ohw=0%2C960%2C304%2C0%2C304%2C304&btvi=-1%7C0%7C0%7C1%7C0%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

20644ab40a533c5ede1969daa53d2243a4881c578b374b6eb372386831b2c159

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJKRu_j_t_QCFYuIewodR2YHtA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJKRu_j_t_QCFYuIewodR2YHtA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -1,138336926214,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64301
x-xss-protection: 0
google-lineitem-id: -1,4370025029,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Sat, 27 Nov 2021 07:17:12 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.painaidii.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 780F 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 07:17:11 GMT
expires: Sun, 27 Nov 2022 07:17:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 19ms
18ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5130eb2b26589edc79df541561e0c40469fdb05a7a75566a61e580e1d473254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13503
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 07:17:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.painaidii.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.painaidii.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 259D 69 KB
24 KB 497ms
497ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3352934356&adf=3491011728&pi=t.aa~a.641232905~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=2&bdt=1452&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=NLKbJ9LVwX&p=http%3A//www.painaidii.com&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e088a8c4a8c133902624533e9326b019c9e551dfe7165fc9ec9fa34cc7776c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 07:17:12 GMT
server: cafe
content-length: 24976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAB6 87 KB
32 KB 484ms
482ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3085252350&adf=3247054316&pi=t.aa~a.2285606708~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1451&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280&nras=3&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=3042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=gPpxAzJNwG&p=http%3A//www.painaidii.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f5e8afd0d01eecb9d99b3ab403b745ea4b5c92ef333762d3a7281c7bc212d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 07:17:12 GMT
server: cafe
content-length: 32756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0ED4 87 KB
32 KB 477ms
476ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=1136123777&adf=3628545868&pi=t.aa~a.3923138242~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1452&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280%2C940x280&nras=4&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=4330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=12&uci=a!c&btvi=3&fsb=1&xpc=HOoL08cNNo&p=http%3A//www.painaidii.com&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87486961db4ac0005e48fbd15e222b99c0ec84eb60cc9cfbaa2f4a493c6feba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 07:17:12 GMT
server: cafe
content-length: 33004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: private

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=899264006862441&ev=ViewContent&dl=http%3A%2F%2Fwww.painaidii.com%2F&rl=&if=false&ts=1637997431833&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637997431832.554912032&it=1637997431356&coo=false&exp=p1&rqm=GET

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=899264006862441&ev=PageView&dl=http%3A%2F%2Fwww.painaidii.com%2F&rl=&if=false&ts=1637997431836&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637997431832.554912032&it=1637997431356&coo=false&exp=p1&rqm=GET

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0ED4 3 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=1136123777&adf=3628545868&pi=t.aa~a.3923138242~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1452&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280%2C940x280&nras=4&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=4330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=12&uci=a!c&btvi=3&fsb=1&xpc=HOoL08cNNo&p=http%3A//www.painaidii.com&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 05:43:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 07:17:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0ED4 1 KB
914 B 39ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:04:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FAB6 3 KB
652 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3085252350&adf=3247054316&pi=t.aa~a.2285606708~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1451&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280&nras=3&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=3042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=gPpxAzJNwG&p=http%3A//www.painaidii.com&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 05:49:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 07:17:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FAB6 1 KB
960 B 36ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:04:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0ED4 19 KB
8 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0ED4 2 KB
1 KB 28ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:13:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ED4 119 KB
36 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0ED4 15 KB
6 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:10:39 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 0ED4 27 KB
12 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 12:44:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4573084957762402359/ Frame FAB6 16 KB
16 KB 26ms
12ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4573084957762402359/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c7c42e54cf049811ce2b248d6744f4d5ce1a314d6ab941a002baf3e5472802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:59:53 GMT
x-content-type-options: nosniff
age: 22639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 18:51:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Nov 2022 00:59:53 GMT

GET
DATA 200
OK truncated
/ Frame FAB6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4573084957762402359/ Frame 0ED4 16 KB
16 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4573084957762402359/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c7c42e54cf049811ce2b248d6744f4d5ce1a314d6ab941a002baf3e5472802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 00:59:53 GMT
x-content-type-options: nosniff
age: 22639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 18:51:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Nov 2022 00:59:53 GMT

GET
DATA 200
OK truncated
/ Frame 0ED4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FAB6 19 KB
8 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FAB6 2 KB
1 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAB6 119 KB
36 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FAB6 15 KB
6 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:52 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame FAB6 27 KB
11 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 12:44:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0ED4 0
0 53ms
49ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CafUod9uhYduBLY_u3wP-tKW4BvjO-OFm37_CnpUPZBABINfzhiJglYKAgJAHoAGxn5LEA8gBCakCPVGexJX9sj6oAwHIA8sEqgTBAU_QYMPRFg0krNgce94KUHl2ix0yuFABDNx6RIE5aVeQ7R7sjlFP9Cak-fzNfBEruCBlNIfUj0vZodFgWPEcpYf2KYH0ImZleg5YeQxJ11NvMHbQmkQbMPKaI1HLLknJ267pcjVBxtGFMQ8bOK-LkctGevMx3J0CRR2O--dc0_ATo-HXtn5Uj4ZnYdsDdbgm5F6VWpcYxAUv01mPVlIfHyKAzifWm6F4GO4hQQaut12usvCK96cW3eWV2q8vt921zwPABN_H8ezvA5IFBAgEGAGSBQQIBRgEoAYugAe34O07qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQh-4L0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi03OTQ4NDM0MDA5ODM2MzE0GAA&sigh=qz_Frjp4whU&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=1136123777&adf=3628545868&pi=t.aa~a.3923138242~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1452&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280%2C940x280&nras=4&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=4330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=12&uci=a!c&btvi=3&fsb=1&xpc=HOoL08cNNo&p=http%3A//www.painaidii.com&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 07:17:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FAB6 0
0 50ms
48ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch6Pnd9uhYfj5LIPe3wOAs4CQDvjO-OFm37_CnpUPZBABINfzhiJglYKAgJAHoAGxn5LEA8gBCakCPVGexJX9sj6oAwHIA8sEqgTBAU_QUJg5G7UVuwU8XZcm_1FJoz371MMe1oyJo-lKH0lk1Wu1MRz1OZ2Z5PO5B80lAT8iw37o41uUPPm5eAkgXWGNuFxQr-0Urhft7ixKm0HN5zmVBU44CKVIvVsev3gRxvyZ0X1O5X4DxuHYZNggJude0N4Oleue4DGqKny2iRWRt3qNPESErLktUy8SiLzOloePRaXKKg8HkpjN_LF3OHv6FyC3NpH-haVaYkWtaQ8GEPUuogJ9C4JYCIatp9DDAivABN_H8ezvA5IFBAgEGAGSBQQIBRgEoAYugAe34O07qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQjLkM0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi03OTQ4NDM0MDA5ODM2MzE0GAA&sigh=nwbqTXOcu-o&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3085252350&adf=3247054316&pi=t.aa~a.2285606708~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1451&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280&nras=3&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=3042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=gPpxAzJNwG&p=http%3A//www.painaidii.com&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 07:17:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 259D 19 KB
8 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3352934356&adf=3491011728&pi=t.aa~a.641232905~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=2&bdt=1452&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=NLKbJ9LVwX&p=http%3A//www.painaidii.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 259D 8 KB
714 B 29ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 05:46:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 07:17:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 259D 14 KB
3 KB 45ms
8ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 05:51:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 259D 355 KB
123 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 16:07:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E7DC 1 KB
749 B 12ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Nov 2021 05:53:44 GMT
expires: Sun, 28 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5008
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 259D 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 259D 0
0 35ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKXtIRJK610RqSsNL4WkD5mGOR3h861hcFLCRUrNofbPcdOGeerMsL7hVDQg-8tYmwZeiLHEXFyf6NFQ9ho6K7i78UkQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3352934356&adf=3491011728&pi=t.aa~a.641232905~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=2&bdt=1452&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=NLKbJ9LVwX&p=http%3A//www.painaidii.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0ED4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b5b06c1334aec91feedc68b564ce53da41afba9447ead2a79a4d76446a7675a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0ED4 21 KB
22 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 310946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 16:54:46 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0ED4 21 KB
21 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 392146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:21:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3BAD 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Nov 2021 05:53:44 GMT
expires: Sun, 28 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5008
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FAB6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a2c3ff286faaeb35f08ea6f5e21723a27821ab7623ddce9b1fd4fd0b96b6fa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FAB6 21 KB
21 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 310946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FAB6 21 KB
21 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 392146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:21:26 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 259D 0
327 B 74ms
31ms Ping
image/gif 2a00:1450:4013:c07::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~kwhhdnot&c=1259138053514&slotId=629569026757&qqid=CLX5vvj_t_QCFZr2dwodKXoPMg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c07::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 259D 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 220853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 259D 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 63444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259D 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8QWyd9uhYfXhLJrt3wOp9L2QA4vLhtxm-IyZzOMO8C4QASDX84YiYJWCgICQB6ABwp6ElwLIAQWpAj1RnsSV_bI-qAMByAObBKoE-AFP0MAdkQnGe2IK-kscy_GbmQoKwbee301mcYVeD0asaV_G6Uva-_2wZja33wmf8LlAHmoL4w5hVLWPTtFDuuUk9zy6OrJkUAYWk9enSBL2NOth45J7iXQR-asQ8G-qqr5biNI_V4kgEV-TPPntZYkVvCPAcSze29cQ-BaMNFImB-sfSwtLEPagv8Q6cndofDs_UIKai5bie2BvFjOVZ1kHyVbhF8uBxdW6xMRwXGKHrVIFKhXqYi3z9sGbP-WqxA-B1ChpZgz9R2pwCHWt-qZEE_NPnR3oXl7KuFLR55CQcAEvFG6X9gbA_DETrEEAcUgT5TZ2XI3Q08AE1-K1s-UD4AQDkAYBoAZ2gAem4fvoAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbATgI-wDcgTmqro3gPQEwDYEwqIFLYC2BQB0BUBgBcB&eventType=clickstring&clientTime=1637997432371&ai=C8QWyd9uhYfXhLJrt3wOp9L2QA4vLhtxm-IyZzOMO8C4QASDX84YiYJWCgICQB6ABwp6ElwLIAQWpAj1RnsSV_bI-qAMByAObBKoE-AFP0MAdkQnGe2IK-kscy_GbmQoKwbee301mcYVeD0asaV_G6Uva-_2wZja33wmf8LlAHmoL4w5hVLWPTtFDuuUk9zy6OrJkUAYWk9enSBL2NOth45J7iXQR-asQ8G-qqr5biNI_V4kgEV-TPPntZYkVvCPAcSze29cQ-BaMNFImB-sfSwtLEPagv8Q6cndofDs_UIKai5bie2BvFjOVZ1kHyVbhF8uBxdW6xMRwXGKHrVIFKhXqYi3z9sGbP-WqxA-B1ChpZgz9R2pwCHWt-qZEE_NPnR3oXl7KuFLR55CQcAEvFG6X9gbA_DETrEEAcUgT5TZ2XI3Q08AE1-K1s-UD4AQDkAYBoAZ2gAem4fvoAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbATgI-wDcgTmqro3gPQEwDYEwqIFLYC2BQB0BUBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 259D 30 KB
15 KB 106ms
48ms XHR
text/xml 142.251.5.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BQ7PxjtM9ZbM50vhsgVYgAc9rjHD4jOy_UkSZB-OV7OcPP3WaV4FlqsvzxP4WTHWquEzDq6OW82SM3yrzqB-lzuzbufA&cry=1&dbm_d=AKAmf-C7YNiyhGkPq0-6_IWHAHgtugtWrkgUj5IEFbv7ND0SW8SoENUI-gD6_VluE6RiE034ea0k2gmb51Qod1_nkoCBjAPs0kr_Mvb5SwQuZStZerEYBbFys7WfvUnpikPirl3fMBfuaLcJUvJy0f7gV7Hks68P7d1SLTF63-Tti3vcGWUWLfltNAMeX-miUQRso3C_wmE2zrlouOoBhNsx2nqPOWLmKCF3L3ngLYDTg4NbgWGjAS5Cic1xsb5LDuACfnATvS3F-bwaeXtMai5SekG_HCXIEVkvDHsOp6a3wFF7rL0ujlH0lPw4eZCACqFt9IQZMAWO03cqQoqUU_m3luVryG689txQTpL2_q8tuHfCmIZElCXbW86XV3cMclYNgFFanAmEm2aC5vDRrwwr4B8i3MWBrY5kspgSaCyGyWbbGxWlUAKYtBwa_jiL181wx6YisBhMvJNNlUbYubkyxN6ZBJ7tecbc6U2rNuMmEADVwYPM_upudHwpG4GEc5S4FJG4XoiYjfwueEx1HIH9VZEbxziLT_DG1rWFucstmP7hvpsnIHVVy6Rkv2_jhzdPHP66R9kcq7x6aAdcBXteLarXrhjuK7an7EkR4Q4xsyJ4I7n7VibgcDvk8IGfAjGLsHkbAhYCEYTetDKDM2nN2X-5A3swq18rFRuX7DHRzTHlLZShfm9p5ncra0cnuPG3Jiwzy9NiHXVqQbH39H0fQkCLm_e_SbMyz4jRnM8okpmap4k6rSjt8F7SnSpPysKnfy0ewx6tu7geFQy8MYPsLbJP-1vPMXc6rp4lsWchnmYVl9jKfIE3crUa1_sS-PgmorYFDC2tLCRfq6c1jZ1UMutFT8UdIf_ei0ZZU40aVucl0emfwKULZP789K9uwJ4rGjxkp3v8COQ7K3deB5t-n1k_YrSI6zKTrXd6-KcsOoYBSek6njGuwma3Jyd0sa44NL0tKAH1PFBuKYdRzu9Zi-09xopCcV1qfKfKOoX0k9c3HF7ddn86JgHx71AvjgzzG8Ffs8tYNTfZnf-1kjaTJiR-TbrPtMj3Ti0qNCPDn669NTa8R_Ors-nR4VlF-3xIQdCmuhdH0V7OazNNQWff84gSUUFfGJzsjJ2dMYVwNAUgHIdfUdZE5IjX9gzzJlXvuDBDqxr81-whfht4lq3E20H-VG9DHbANF42dL_84FBYUI93WIuecXZ2-Fi7vPEI3X2RqY2NkOdO5BBqSzv6_BJXL5Y8BeBwKQfS_bLn_x7ZF4Sqm7EWZ0LmfPo2a7x_UYFtSsaw5BTwsVtB6oBmS-2xdN-bSI24_2wuDZ9O6Z1bhPDru18spijnUo-Nah5qEAtell7Iro3V7GZHkqiHyiJJvmG929VqJGkKELbq13BhoRt-uehibm8Ik7ooyownkaKPuGLWF9sfxAOj_gfpkprbhCt2uxYvXSNVnYA8Y7_bQ_cD3u_JWIe8VgBdF1OWPAAZm_ig8NvaTwvIFjljfMn-fIZK6T_BVnGZYWqfmQ-sSBj586hqPxiSZn5PaVOsloLn4k8h0U0VjN6XFCQVeTDmDcietBN8nfiYTdHelmNYsxVJ-9EIYfhvwhxpuhBLrNn31nRMm1E_rECoqzCyj6kaXbXV42zkgPajuCiqOQY_Vd9Rw4C9_bTwaTCtK26UFHnE80tLFZPn0PJIRGOEWPXltR8hKs5xmd6ksUmiL-RLlFLT1gUFZYGdV3jpSjq6CUf-8BjP8XZWEYhosnU3-kIRPEvv1ClJI5ZK_VFRwotEENIRf0Qiioe00yDFigYD7IvBuQ6xZq8hWmRPaCU-nnMP_t7TlDnoVTR2PCmPrhaEsb31ZvnoT4fJiz7aLyEh71koJ-Dx5P52WxAajn-uDwpzOWLeaQeCoVlZ_iLR52KpcnZvCvsVveDjWAWAsEr-vN0VHYgoq6MDbF5OytAtDPtYDAeWtSLVbyMyK5wHZNuWsPm5bj2h9tNAAMvURKI6ZF98cIf13FsIK_sZd4w-k5d6HDbfgfy-Edujm7pFF3R4lNuYBtvfmfYeEWRe3ipwRn2JP9gxS32zqyuJdrhp906ddsWpK4fo6iqpUmlc2dfA2_IdQKeHgoaWGj2v-SICsVucZTpIMsOEUtq_JF3izFLsPxtAP0X0Xh6drlJ4FNKMo1eKLhXzS6ulM-GV7AuPg2bFiSvkFH9ZtpAcl2PmoknVKb1y6-cCw8gJPQOdEyi7Ax1Qn1HUWQo3EHH_hcuAMZC8tW547aiTqiwa43AQdR7oT5tBDmzzoRNqEETu8HdkOqdWjA8B3-kwIdsz0jeOTqb0aEqJmXPgcwo7U8yLAWbq8HfZ9Ova843rVIlmmoJ0b7NUFe-egJfVtZhWJoQEoZU3IqWMqrA6I3YxMhine8dOMgZmmWTxGvwK-zYBiwtw_DK8cPQjLTMVOCuql6gdvZJv8QMPfXR1l2WQ5ie6OQbbXmP2HpTIhTdMKEXAcITvwVDjvInGiso3MZMdZHSAB9obdLWu7RO1r3xVIPjNiY3pqZv9SblPT4875PM2HFCBllCKMN3ceWVE1H4n79j-6nEfeJYVEwae-mKXvzIOWPkTvjDV0GeSsr1y6rGE7Ue630y2PMRmw2YKb5LdYyXCATP2BtHU1-OEOQ5mC2n-juSVi72q-eIq_vxd4IA7UF_e2_Qyt114G7sDjW9cDV92tU4IMicPwypaS8-23vQ6XRn7PKmLCjHblaa3iOujNvLgjz9qEspby2WtXisLy5yiAe-cYCG25rZQi2DKLvO0Sh6J0omdo0QkmaxrAH3ZeOQJKXAmfLYOf1sJwccnEkd5OQaPdk5UtmiJmKmkrklhYjvaXxncKkGNNRoqSZsCRVhJKnJ-g-RqIqVNFhnb7VqDeqkAxjPaVDzoRcnFPOAkEZf4qaiCMlaq7XIZphp1M1KpWTO94wE35sGAYqZZLjgczTVGuqmnLuLmZtWb5h-lP4jqy6TXYJ4XNPtVDgv1-Q11IT5iwBLsZkCKE2oeOFLOvd4to0NwKzdj4Dy5OrIcXvzdCr6VyQJyhjMtRjaINWd0UYG4EUWRgDsu5Wt7DnHdYSKrzvfC-0Pm-HYLNlZGvhv0OIYtVWUfdqC1KApk0j4D9zLkpj-mHmCstcE7stT-3nURNnfq6eghwKfxp8xxW8DL57rIOfNRrQfO_lFNdQg7ezfLbCqUl5LwJE06_rx1cROlGAsB772vsDk6Eh6qCC0feB5EzRubXuqE9cz3PxA_4JHaCf2emBj-bAH3Lw3U7xuyy6L1ZKjE7i4MO9E4psNCn4QC_faSiGeP-UJG6iAWZVcIZqXlpZ9-wG3I2mfiWWuSXm8-jEoK_zZoVjvYTjdQdAWgrL2L4SLULTK2KhSb6cFke_sJAIc-WYyaiYGah3aheTQ4qVNaFdsPwXAE5JUK6maiYIqO-zOTSA38RQK2XffJlBlhWa_1Q4azEgzY9o9Rec9yYZoEcu_3S7QjQabQO-wPfpPfSel_sMZRgqKR7afIg7gf1B2dskto2zEgvbYOwRLefyqq37yqlrlBC3TRpMEnmWcXwaF_FtfDvVhkYVMvminhJGJeoaidfIlLvdWgoZQrBW4svpEcQ2Gl3eWso3xJzwF4ZMHxE5-dAWA6Fhz2fGOdSXu2WeU4zU6Wv8rfLJWbDCgwFtS0Pob6ItyRsFAiSxuVaM1CDxCdRdT02KK3lAbQFpwPWgVSCF2QGc1lmcK5DqtGPQDR-qmCVZTjsODX90fhJJwDUACux99r_fHxd_rgTj9DcgKrsGrDSy2aaAePqLC95y1j933ux-FvXQPsTw-9fx7G6NxnrAGh04SZjHfr-ex0SeaygRKBbGc7vzdpfPXf8rQkVLvVSnsEsKLUHf48AkEkyZFsVfoiq1u0BGJH7Jl5GkiRBJ9Rg44eigTkqC6qwdlaaO15YwI-zIH4xrscouT1uEkqCyn4LwSQedQXIHNHn5WfnPVseUIyIOOOGtbp7F788r1_85WPjVVKFGtASCfKNbbTG0UsFFifIfb-p4NTqVSKXoNnLxx6OiaFO0gLygxauQykcSHmLdjt2r-4Vd7tleerjo4m53JzmD5DAg4hbZfvvHjHVbboY7Oh9fcuETaDAEbbsFTzYAZj46tw0jmJ9in1YSCjQqiOtaMw&cid=CAASEuRonP0WoO04FcXb07yW22ZYbw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f157.1e100.net

Software

cafe /

Resource Hash

b1f016301d34ebef95dc93bbcb9bdd112541e23108bc442d9a711923e32476bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14863
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 259D 0
0 45ms
45ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRyZnd9uhYfXhLJrt3wOp9L2QA4vLhtxm-IyZzOMO8C4QASDX84YiYJWCgICQB6ABwp6ElwLIAQWpAj1RnsSV_bI-qAMBqgT1AU_QwB2RCcZ7Ygr6SxzL8ZuZCgrBt57fTWZxhV4PRqxpX8bpS9r7_bBmNrffCZ_wuUAeagvjDmFUtY9O0UO65ST3PLo6smRQBhaT16dIEvY062HjknuJdBH5qxDwb6qqvluI0j9XiSARX5M8-e1liRW8I8BxLN7b1xD4Fow0UiYH6x9LC0sQ9qC_xDpyd2h8Oz9QgpqLluJ7YG8WM5VnWQfJVuEXy4HF1brExHBcYoetUgUqFepiLfP2wcM-R7bMNRfmuvaNiueH7CqTn69lTCi-OC0w_ppAVGmye8k6EGJynufLernutXUvU75FkBRdUI47qGycwATX4rWz5QPgBAOIBZS1woA5kgULCCIQARgBSKj8pQGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB6bh--gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ-Zo4GInHqbsB0ggJCIDhgBAQARhfgAoByAsBsBOAj7ANyBOaqujeA9ATANgTCogUtgLYFAHQFQGAFwGyFxwKGggAEhRwdWItNzk0ODQzNDAwOTgzNjMxNBgA&sigh=Pfs1CL5OgtQ&uach_m=[UACH]&cid=CAQSKQCNIrLMm-KKtSqjAGiCB6WwBfRQrxfm4ReZJ4XO7c7aO-YlR0Q43O1U&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3352934356&adf=3491011728&pi=t.aa~a.641232905~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=2&bdt=1452&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=NLKbJ9LVwX&p=http%3A//www.painaidii.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Nov 2021 07:17:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2342 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Nov 2021 05:53:44 GMT
expires: Sun, 28 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 5008
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 259D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a9726ad2f573efe08abed78cb63bdfe0d345fbf28b05c01b69e7cccc00101a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
www.facebook.com/tr/ Frame D0A5 0
221 B 23ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://www.painaidii.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

content-type: text/plain
access-control-allow-origin: http://www.painaidii.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E7DC 35 B
463 B 28ms
9ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDaH9FDsdnhcVle27Jh7Xi4&google_cver=1&google_push=AYg5qPLSZm8cnF2RjXn3fUUY8kmsFNGRBMaytlyr5Bd0MiGFc7ASW5_U0JG_YtCZGMjsugx22Bhr62T2Z4rMWnOBQOMZX2lrvSc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7DC
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJeFEWOThsFuerPW8LIMcfHnJXdyJLBaMn1wHX...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFIYmVBQUFBVDl3OEdhaA&google_push=AYg5qPJeFEWOThsFuerPW8LIMcfHnJXdyJLBaMn1wHXGaYu8fJaaLgOmYl7-cu35V33y0BYdRkOOSNLRy4c-ox17rlRqHps9ZUo

170 B
188 B

27ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFIYmVBQUFBVDl3OEdhaA&google_push=AYg5qPJeFEWOThsFuerPW8LIMcfHnJXdyJLBaMn1wHXGaYu8fJaaLgOmYl7-cu35V33y0BYdRkOOSNLRy4c-ox17rlRqHps9ZUo

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFIYmVBQUFBVDl3OEdhaA&google_push=AYg5qPJeFEWOThsFuerPW8LIMcfHnJXdyJLBaMn1wHXGaYu8fJaaLgOmYl7-cu35V33y0BYdRkOOSNLRy4c-ox17rlRqHps9ZUo
Date: Sat, 27 Nov 2021 07:17:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E7DC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELQlxzJe1pZxJjjfmmGOocM&google_cver=1&google_push=AYg5qPJJbXav0ff2doJk0rzXtwu1Qu6BwnMQv_mIdHpHf_53TWWrOrba_tDPjLeWCu61pAD3TxDaymWldJ7n2v850T5aKb5J_bM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJbXav0ff2doJk0rzXtwu1Qu6BwnMQv_mIdHpHf_53TWWrOrba_tDPjLeWCu61pAD3TxDaymWldJ7n2v850T5aKb5J_bM&google_hm=Q0FFU0VMUWx4ekplMXBaeE...

170 B
232 B

34ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJbXav0ff2doJk0rzXtwu1Qu6BwnMQv_mIdHpHf_53TWWrOrba_tDPjLeWCu61pAD3TxDaymWldJ7n2v850T5aKb5J_bM&google_hm=Q0FFU0VMUWx4ekplMXBaeEpqamZtbUdPb2NN

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:11 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJJbXav0ff2doJk0rzXtwu1Qu6BwnMQv_mIdHpHf_53TWWrOrba_tDPjLeWCu61pAD3TxDaymWldJ7n2v850T5aKb5J_bM&google_hm=Q0FFU0VMUWx4ekplMXBaeEpqamZtbUdPb2NN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7DC
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK3kL6r...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK3kL6r...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAzOTIyOTk1NzAyMw%3D%3D&google_push=AYg5qPK3kL6rtCRlY2bFgWJIpg-JiAgZ38wVCCnVXibxWtA-8aOiBkW40EpLMMhXulBXaw...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAzOTIyOTk1NzAyMw%3D%3D&google_push=AYg5qPK3kL6rtCRlY2bFgWJIpg-JiAgZ38wVCCnVXibxWtA-8aOiBkW40EpLMMhXulBXawltdD9H0wvQkuL1m7OyY1RO-TJ-Kg

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAzOTIyOTk1NzAyMw%3D%3D&google_push=AYg5qPK3kL6rtCRlY2bFgWJIpg-JiAgZ38wVCCnVXibxWtA-8aOiBkW40EpLMMhXulBXawltdD9H0wvQkuL1m7OyY1RO-TJ-Kg
pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame E7DC 43 B
324 B 44ms
14ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDoSYdcDFVZLhAhSEEYyViY&google_push=AYg5qPK375tPZq3nQQ7_Ofu3sesVcTIvb6Cp6lXyB90xwUwBSLgSD5T7n3gExuGyme4Q-d6fqK_9xd3uqx6RF3vXl34xNyIebg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=1136123777&adf=3628545868&pi=t.aa~a.3923138242~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1452&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280%2C940x280&nras=4&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=4330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=12&uci=a!c&btvi=3&fsb=1&xpc=HOoL08cNNo&p=http%3A//www.painaidii.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7DC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iiftxfZVRmuJiGkyXuyweA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iiftxfZVRmuJiGkyXuyweA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKBjEH8Pk_fgT1f2HtP_xEV6bYKlA9ddV22XJUrkUjTIe0z00DJpnyZrcV1YwWqCNRT0ZybRabqBgwv9fNaSXIcfcTkWQ

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iiftxfZVRmuJiGkyXuyweA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKBjEH8Pk_fgT1f2HtP_xEV6bYKlA9ddV22XJUrkUjTIe0z00DJpnyZrcV1YwWqCNRT0ZybRabqBgwv9fNaSXIcfcTkWQ
date: Sat, 27 Nov 2021 07:17:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7DC
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGsDlEY2NXD_Z6g2652fe0Q&google_cver=1&google_push=AYg5qPJa-Ccnc3EoBGi45ZDM...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJa-Ccnc3EoBGi45ZDMef4RVqgnLt72rwHfkiEniMFfgIyVcIN3ZjfYQotD8mCWNWq4hLxqfG0As6qBm6dAHk0xBBf_Dylt&google_hm=1ykunrsaftlvhglqk...

170 B
188 B

29ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJa-Ccnc3EoBGi45ZDMef4RVqgnLt72rwHfkiEniMFfgIyVcIN3ZjfYQotD8mCWNWq4hLxqfG0As6qBm6dAHk0xBBf_Dylt&google_hm=1ykunrsaftlvhglqkoqjfwlhfkma

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJa-Ccnc3EoBGi45ZDMef4RVqgnLt72rwHfkiEniMFfgIyVcIN3ZjfYQotD8mCWNWq4hLxqfG0As6qBm6dAHk0xBBf_Dylt&google_hm=1ykunrsaftlvhglqkoqjfwlhfkma
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 26 Nov 2021 07:17:12 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E7DC 0
49 B 84ms
31ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMhVGxAh8TZUQ2yEwN67KmAd7IRU-V2JHfaNJKhPPBsz-4mcBWtpjizivhDE30_aoUAk8vOQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3AA6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3BAD
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBueGIISoBsP_XiEkNKcE0Y&google_cver=1&google_push=AYg5qPIxBKyBIHUo8StEVozO_AU_atd5wW7xAS06lKAcGDFZ6zS_Yc_Y3-...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIxBKyBIHUo8StEVozO_AU_atd5wW7xAS06lKAcGDFZ6zS_Yc_Y3-0un_fYu90Yk-OSgeQ7s144UQBl1HeukNiVIJ3FjZPl&google_hm=dYpNdb...

170 B
502 B

16ms
15ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIxBKyBIHUo8StEVozO_AU_atd5wW7xAS06lKAcGDFZ6zS_Yc_Y3-0un_fYu90Yk-OSgeQ7s144UQBl1HeukNiVIJ3FjZPl&google_hm=dYpNdbVjl_PXedeE0QxBDw

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIxBKyBIHUo8StEVozO_AU_atd5wW7xAS06lKAcGDFZ6zS_Yc_Y3-0un_fYu90Yk-OSgeQ7s144UQBl1HeukNiVIJ3FjZPl&google_hm=dYpNdbVjl_PXedeE0QxBDw
pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BAD
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKFYQfnUxW9-eCy_cRkX4kdgwvdQjMWgR3tnZjKN79KNbMmuk2IsXN7ympJRHDNtfxjNF8rQ1JO5g2ckorLLY886opitvs&google_gid=CAESELMgpfqoh7dFfFovp37jHOI&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPi2h40GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLRllRZm5VeFc5LWVDeV9jUmtYNGtkZ3d2ZFFqTVdnUjN0blpqS043OUtOYk1tdWsySXNYTjd5bXBKUkhETnRmeGpORjhyUTFKTzVnMmNrb3...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEtYaUxZRDcwc3MxYnY5X2V6dllmQ2JlS056SVdvZWNHcFlRRzhQdGtoNA==&google_push

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEtYaUxZRDcwc3MxYnY5X2V6dllmQ2JlS056SVdvZWNHcFlRRzhQdGtoNA==&google_push

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 27 Nov 2021 07:17:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEtYaUxZRDcwc3MxYnY5X2V6dllmQ2JlS056SVdvZWNHcFlRRzhQdGtoNA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3BAD 43 B
106 B 16ms
14ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEITVYaGe0do453XKYhzJOUY&google_push=AYg5qPLGqpEaLCJP3fa-wDMWQ3wSjsWlX14eAK7Ql9cGou21ykSfv0ZUlIKHMqCClSoMZZYi6ya70i0qfcVo2Q-aMYGQ-6JB-V3i&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3085252350&adf=3247054316&pi=t.aa~a.2285606708~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1451&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280&nras=3&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=3042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=gPpxAzJNwG&p=http%3A//www.painaidii.com&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3BAD 43 B
134 B 74ms
52ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPa3PXJvFhbbAyWed6qDi0w&google_cver=1&google_push=AYg5qPIRKlPirPDw-3TwKXi5JNh9qIDq38ZxkjsLE4pjtQ6y37VU6cju9cJ1t_pla6K4iu6sbCDxU5IkQWhf2Dpyih6l7zyqLVSF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3085252350&adf=3247054316&pi=t.aa~a.2285606708~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=1&bdt=1451&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x280&nras=3&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=3042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=gPpxAzJNwG&p=http%3A//www.painaidii.com&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:11 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 95ios03ci91j0csjs25mgldv0hj8m6p8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BAD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=65q3CiE-RsGCOzcj5QNv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=65q3CiE-RsGCOzcj5QNv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7nxMaczfp8Gr0Tpfp6rSFpUlGEhPq11OdftHDIeH5fuWiAenIUSUvzu6DeeqKgosFxZOquWRwbBjTYXNb8CA58iogcLjQ

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=65q3CiE-RsGCOzcj5QNv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL7nxMaczfp8Gr0Tpfp6rSFpUlGEhPq11OdftHDIeH5fuWiAenIUSUvzu6DeeqKgosFxZOquWRwbBjTYXNb8CA58iogcLjQ
date: Sat, 27 Nov 2021 07:17:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BAD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECa9lFhFuctJY0xHW7Xz2ZY&google_cver=1&google_push=AYg5qPKdygoWt2xvHJ8GdHY7hEcIQb8Mkw1mPF_RyIcjq5d3Egr860hd8RTYriSEdXgN1_dN17p...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPKdygoWt2xvHJ8GdHY7hEcIQb8Mkw1mPF_RyIcjq5d3Egr860hd8RTYriSEdXgN1_dN17pYF9qaIV9HveA49c9rEjxKOV0

170 B
188 B

31ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPKdygoWt2xvHJ8GdHY7hEcIQb8Mkw1mPF_RyIcjq5d3Egr860hd8RTYriSEdXgN1_dN17pYF9qaIV9HveA49c9rEjxKOV0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPKdygoWt2xvHJ8GdHY7hEcIQb8Mkw1mPF_RyIcjq5d3Egr860hd8RTYriSEdXgN1_dN17pYF9qaIV9HveA49c9rEjxKOV0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3BAD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Ua...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3BAD 0
49 B 55ms
30ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQi7AXm6dRb8Q5zEGHypV5h-fIK7XM_MQ3nfqcDSQvIKT_T-WDFihw155RgiDkJzYbTb_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DD8 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2342
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP20tkB1dn4xNQv3_OWeXxA&google_cver=1&google_push=AYg5qPIVjLg3NDXf3ABilHsXBo9W0GZoRFeoZprE-41xkDCQNz_oZl3X9h...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVjLg3NDXf3ABilHsXBo9W0GZoRFeoZprE-41xkDCQNz_oZl3X9h_C6q3bCBMtGhWmEtn7IW5Qk0AQF1UfBT9NZMoE9ACH&google_hm=dYpNdb...

170 B
188 B

32ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVjLg3NDXf3ABilHsXBo9W0GZoRFeoZprE-41xkDCQNz_oZl3X9h_C6q3bCBMtGhWmEtn7IW5Qk0AQF1UfBT9NZMoE9ACH&google_hm=dYpNdbVjl_PXedeE0QxBDw

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVjLg3NDXf3ABilHsXBo9W0GZoRFeoZprE-41xkDCQNz_oZl3X9h_C6q3bCBMtGhWmEtn7IW5Qk0AQF1UfBT9NZMoE9ACH&google_hm=dYpNdbVjl_PXedeE0QxBDw
pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2342
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLcDfba...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLcDfba...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAxMTQ5NDU0NDQ0OQ%3D%3D&google_push=AYg5qPLcDfbanbM_Jhy_2gzyziy85i2VXNY3bf7yMfKQVxduC_w5SzG_BtJghs-cg8MEuw...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAxMTQ5NDU0NDQ0OQ%3D%3D&google_push=AYg5qPLcDfbanbM_Jhy_2gzyziy85i2VXNY3bf7yMfKQVxduC_w5SzG_BtJghs-cg8MEuwtltgCeNs5L9yQloODTZitvLIoHZarp

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcwNzE3MTIwMDAxMTQ5NDU0NDQ0OQ%3D%3D&google_push=AYg5qPLcDfbanbM_Jhy_2gzyziy85i2VXNY3bf7yMfKQVxduC_w5SzG_BtJghs-cg8MEuwtltgCeNs5L9yQloODTZitvLIoHZarp
pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2342 43 B
351 B 17ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO3fmG28hsdmM1qBYQv7Ces&google_cver=1&google_push=AYg5qPK_5pwJooC2BPjFf7ybZMGqBcKl_fkp4dAt43mkoGAmkh9BG6xICHQ1rbX0Dl3L9E0IQf8mpuv7MJZgVVLBeRaukoVmoK7Z
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7948434009836314&output=html&h=280&adk=3352934356&adf=3491011728&pi=t.aa~a.641232905~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1637997431&rafmt=1&to=qs&pwprc=8955635418&psa=0&format=940x280&url=http%3A%2F%2Fwww.painaidii.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1637997431687&bpp=2&bdt=1452&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4995198938443&frm=20&pv=1&ga_vid=438431747.1637997432&ga_sid=1637997432&ga_hid=747328226&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=340&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754314%2C31063246&oid=2&pvsid=685718571544148&pem=304&tmod=1613286496&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=NLKbJ9LVwX&p=http%3A//www.painaidii.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rf7m8i81jv6sravem99smuv1am77p4l3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2342
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CeWZeN15SLKexFiPL-TMDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CeWZeN15SLKexFiPL-TMDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxBInMuoAZkBFgFYLT4pBNsytWAVqU9r4BnXPzsK4pCTebEjdxscE1eon9LGSsEispHlNerFmgvJLAof1BYwKJ4CXwB7Kz

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CeWZeN15SLKexFiPL-TMDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKxBInMuoAZkBFgFYLT4pBNsytWAVqU9r4BnXPzsK4pCTebEjdxscE1eon9LGSsEispHlNerFmgvJLAof1BYwKJ4CXwB7Kz
date: Sat, 27 Nov 2021 07:17:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2342
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO4pJrYswauVlOGZrU8LSkY&google_cver=1&google_push=AYg5qPI5tyd10kKISf0ap9PznuFZqd0Gwv-6A2xZgXb8RWiicHsdq8X1aXGGWw7ySFcZjVdczQs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPI5tyd10kKISf0ap9PznuFZqd0Gwv-6A2xZgXb8RWiicHsdq8X1aXGGWw7ySFcZjVdczQsDWHGf4pa3PPWf9QuURFUFDCq3

170 B
188 B

47ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPI5tyd10kKISf0ap9PznuFZqd0Gwv-6A2xZgXb8RWiicHsdq8X1aXGGWw7ySFcZjVdczQsDWHGf4pa3PPWf9QuURFUFDCq3

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dISEROMFktMVMtSkdYMQ==&google_push=AYg5qPI5tyd10kKISf0ap9PznuFZqd0Gwv-6A2xZgXb8RWiicHsdq8X1aXGGWw7ySFcZjVdczQsDWHGf4pa3PPWf9QuURFUFDCq3
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 2342
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngR...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2342
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENJYIyPOZKpkMPPVQ8EFWc4&google_cver=1&google_push=AYg5qPKrr0dEO9Q8oOEc0H7Y...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKrr0dEO9Q8oOEc0H7YA1nbW_HZ6dnceDe2h36O9ZUlDEx5QmdR0kMdYLeSiXZXWIk-eA-q3CP9Dvo7BQ6fhAkLV5HXHcPUVg&google_hm=

170 B
188 B

28ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKrr0dEO9Q8oOEc0H7YA1nbW_HZ6dnceDe2h36O9ZUlDEx5QmdR0kMdYLeSiXZXWIk-eA-q3CP9Dvo7BQ6fhAkLV5HXHcPUVg&google_hm=

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKrr0dEO9Q8oOEc0H7YA1nbW_HZ6dnceDe2h36O9ZUlDEx5QmdR0kMdYLeSiXZXWIk-eA-q3CP9Dvo7BQ6fhAkLV5HXHcPUVg&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 26 Nov 2021 07:17:12 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2342 0
59 B 14ms
13ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jj9c2BUprbAxnFTjdHFPSPaAqascdf_StYWwsy8CwJnsabn4T1sUCiq14DTnlnBi1ilJeOMg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK goggen.php
lvs.truehits.in.th/ 91 B
434 B 429ms
422ms Image
image/jpeg 203.154.91.10
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lvs.truehits.in.th/goggen.php?hc=t0030437&rand=607053&bv=0&rf=bookmark&test=TEST&web=A6gdSjSmBpJP5j%2b%2bBJ450A%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=2D728998.1&fp=d&fv=-&truehitspage=&truehitsurl=http%3a//www.painaidii.com/
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Server: 203.154.91.10 Ban Phrao, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-91-10.inter.net.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: close
Content-Type: image/jpeg
Transfer-Encoding: chunked
P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

29ms
6ms

Script
text/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4553
date: Sat, 27 Nov 2021 06:01:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 27 Nov 2021 08:01:20 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 259D 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 24 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 259D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

64ms
7ms

Fetch
video/mp4

2a00:1450:4001:16::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34681AABF03C4F53D4D0DD9DF42D1BD4187DD5DE.3DA884CA0469F163A1A20BFDAEEDBD250D1CC6DB/key/cms1/cms_redirect/yes/mh/y7/mip/2a01:4f8:150:2008:34::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1637997062/mv/u/mvi/1/pl/50/file/file.mp4

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:16::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:12 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2185448
Last-Modified: Thu, 18 Nov 2021 13:11:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 27 Nov 2021 07:17:12 GMT

Redirect headers

date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34681AABF03C4F53D4D0DD9DF42D1BD4187DD5DE.3DA884CA0469F163A1A20BFDAEEDBD250D1CC6DB/key/cms1/cms_redirect/yes/mh/y7/mip/2a01:4f8:150:2008:34::1/mm/42/mn/sn-4g5ednd7/ms/onc/mt/1637997062/mv/u/mvi/1/pl/50/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8975 23 KB
9 KB 8ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 24 Nov 2021 17:50:29 GMT
expires: Thu, 24 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 221203
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CE6 0
0 42ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1yDcqJ5RpC3F9i0CaIV2QavvW2fnHqOu5JOQdfygJi15ReNL_pXnfpQ6yGm1ZZuJUdThSYzqYBQ0AHL_HgJwKYCDyaB1eI6skH_DmiqB-wtwBC2KvNw2OgX2BdTedFHQ1cuhxZVkaOZ7bu03wsC-H_I1ZqmOSvei7JBXw4tm8NYENZwR3N40fNLNCuKeo7j50z5us8sDMheFRc1xQP9Uy_RGdo3OxH4iuGatzyqPX7wgo7JuXumyuXxOBIiYXitSLmnLRHWOGtZxe1R1hrIpTb6jhmCKRYkqNLeMx02XPzVEKsaHNGpzCNjkPS637&sai=AMfl-YSsO9K6602Ks6HUlczBVvkFmPwd1D7RTMNlNR73aDoN2A0ocfqwARPlHaf63B5Hu6vTIpu2uWW3soBKNneDvT09PzvN1B-5sZvMekoOFA8eorZjWelOPSNt9FRZeiNV&sig=Cg0ArKJSzHioahWoPsq5EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3CE6 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3CE6 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CE6 119 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 3CE6 0
0 21ms
20ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1p8yg2LOL2Z6UY0kJOgaDW99MkzCpwpA_Y6TAHOk7munidP3Zi2PdJysM9ZJt_RkPFKpaus4C5m87fTwGUJi3n7mhFg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 1657509588086326498
tpc.googlesyndication.com/simgad/ Frame 3CE6 100 KB
100 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1657509588086326498

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d2f8aa388a5c972fabcd62d8f993299a386a7d5e9195e2d75b9365f6f33a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:50:25 GMT
x-content-type-options: nosniff
age: 340007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102457
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 08:55:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 08:50:25 GMT

GET
H3 200 container.html Show response
7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B6F4 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 07:17:11 GMT
expires: Sun, 27 Nov 2022 07:17:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DC4 6 KB
3 KB 17ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 07:17:11 GMT
expires: Sun, 27 Nov 2022 07:17:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 59A9 6 KB
3 KB 14ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 07:17:11 GMT
expires: Sun, 27 Nov 2022 07:17:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B1D 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 07:17:11 GMT
expires: Sun, 27 Nov 2022 07:17:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 206 file.mp4
r1---sn-4g5ednd7.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669533432/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 259D 2 MB
2 MB 16ms
7ms Media
video/mp4 2a00:1450:4001:16::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

64f92ac5b3e5e53a9fbe7815fc07b9c10de1e6489f1c020041f543fb1c84ba3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2185447/2185448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2185448
expires: Sat, 27 Nov 2021 07:17:12 GMT
last-modified: Thu, 18 Nov 2021 13:11:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CE6 0
0 46ms
46ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaUxJvSWFSkHea89tnlpLcZdXRUT2_fUGLkdkJYZ-Kvx8rOCDHJk-lNWcbO3WtCO5PrFXqbkNXEm65bTfy_w78tuw8Ig5nUDQV6e7BKtogrcHVs2mH4kWl2Y2z91FX5dYgcd3jBfpHa3-eS47ZGVDaJ3JxwJ1EMDRX3uPSsOdO1UWH0dPY0bw6Ka2pECggM_gONo9AqN0sPrVi2uzzh5Q0vBHhB2AYvvNK7dPqgoUgF7qzsAvm9z1IUdiNMqgOROswbQbzCmXKd7c1jgwV4OFE7CoogKvW-Y4G-AuQfPkVHnsu3KDjBRHulZtiBv7Ewgg&sai=AMfl-YRJYiJ2pty6HZbnYAZU6UgH5VH7L30u9mv7emtIDCi5XWDPikuqt1t_YymDUTntkFFSxZaLPz67jAemfGbq197M_3jpGSjUF6EBKN0ArtB7CzSNRQRa-gpTH1nNVA_T&sig=Cg0ArKJSzDFjSq6tdty1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
DATA 200
OK truncated
/ Frame 3CE6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 743e3d59c072d035ffa0aaa38adbe4999d548b4df759236bf5baaec51471b808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A77F 624 B
299 B 20ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIe6qbsBMAE&v=APEucNWISFRqvlRjdUGxHuLeH5p7CxNsJgrh8CBzSCr9r14IFbul3eeYuyMp5Jkk6UX38GAYO0MwfRCpN-3yk_GmOzXqXr34R706knYYFESCHwG_Plsmz5bPq1v33oEND5I4EWEDHpiis4LVsmnBTV__fUU4whfw5ehjvhg14fRSlqyIG7IeJqA

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 07:17:12 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B6F4 72 KB
30 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXTy8L41I42LMRy14PW6kBQO7PUg5d4R3cN0YEWaNyChN6W3cdoL4hSNoCgsS5NnWIBJxIxsJ5jWssCdD9WPViY-TqH0qEPVQroeVoEt8MCp8pxk0QBQwVpA3syAv9tMTZ-aKjGPESBnpg_n71xyXNFJrPSA&dbm_d=AKAmf-DCKz9fcPaUuAH-zOk3G-tL44gbuR7kz4Iv5kHsckOTg46dvkrdvwwOzDdM1o2FRw4ysOiGvqRTo0j4pcO35GneysGi-5CwvGkwjL4MH1rIXzGRz1BKUMOvAqhHRnTHEmh-e8eFIc7p19ykYIIXb9OeIzqHZInj_FJB8JRpakr53rfe9CvC_qlfjj8GHMcJ9SYLs2xY5cQmxvP6ABvFTlG79Qu8MftPoI4EuzCw2hhZMLW5XNopJYRgTT0JvmhM21yf-AzQRBaoRyWHFRHCXcvj8fqg1OnbabwVEqbhXGlBEBeSS6sSDXqgvsdACC0NRTM28XBzkMWyGnJJY63UI1sI2czRitqXZXGII1dKFtBJiE-zuln2eK4uvY4F_dnsGvJk2pv9mAivzmjOQzwDkigmGv-PADDl8V-0gF8ovTglW3H_q6Dmnhf8rZjB3STvX3xcrhSYZjBeRDI9eO6m3LEtgzT5bKFpXcnbLXU32ELdokEfj7zeFjnHt5igShp66VMTXcgE4J9erkpW-G1lBPz07ZVLbEryWHFKe7h9KwjAa1Ctz45STd542Umpnkwgt1P-aDOTNFjq6t7EfxtdJuJhqRMavrOGupFAtnTA9wwGJ3g6uWrsOM7ucc8rnn1j1n5KRLyEkoON5tRwWuHji2WMgHIjGKpM0KqwBuqq440v8cAGdg-awKqqXVbt_cAJectV3ALpBCPjAOurZvWQ3t1NtVLog38dmk2XH0XZ_50vDQiuTBkCGn02F4UU4Y4clfDj6Zub9_vGfl6E2RQLhhjuzXZPHDShN_tKKB7jvbMI5D1ZmvtB899nyFSmHAsI7NZsQbANx3NcOpnny70-QCiIhwGsahXEPkFfiBFieyKjd80QKqSqXuFrgccegesBq9nRr6Azi3ls1fg9ZCdtoS8fv66ZEVdJLP52VF5OV_myn4ZRGOXFEv2Mpse_iwFVTPkvafZ0_YBnp171gMQ1cosO-pkortO4SphCn4Sjoyn6BTFYs3MqDDZiu6aM5Gs11LmGQZoYyvvUsz1jWyHXNSAHIrwydf41XDV4OFYo1sb9av5jieLVpn7kmy9qZ8TQjnrJD1mUYm0NUQHIdy9VHLQhF7RFKDDlAjLjXfSB8gIdVO-226yUNPtpm0Bn07L1ByIrbwhzTpkg5xIgUrWcuev2CJvbHuarGSZdmX6gfdn0lZP-fn3SZOlI8y1ZaBOoiov39tUJwmF10hgjLTxQFDuhyyU2r0n-qJWB1Hdjx6f8rN9u0jOekMsX_VVjSUZFagcsgfn_BvqAVbllqj1HaKJF_hMjlRdcZWVW8rMJXrAAM3SaCVuEb-koXBFQrAV62AyExZf_589PeWbiLvUNAGbF79OMH2LY-dAiW6nAOw7AskD1wFQRcFWyIWsnl5tCEgre_ZWx0R3g_twG19d5g2x-TU83TnLbNXqJClRSau-GiPdduUZsznVKbA55yX8cwM9ObLttco17nP1htPBoibulfdmi5rduBHCgyyuvy8-X_-A99uICIHftHqE3GCzLItDlc3bbOm2LiFQJAUt8T2nG-jj3EEy9QCnJrepYQ-bVOwEmJdkN6UnrdhMo3ODtT0jg-OwXVMbRX5X5XkP6cI3pwN4X0T6zZyY-TXiOJmAltE-FaCnTGHMuQenwMM7Qd-fz6fPcEiT0AJ31wj2xazbFeyANNfMtCXkxBDmckDYXYjTeChiExk-534cYOXcZjSkvvPzJXsxDw1kN-xgwRjElJZRelxqarEqk5sErb_CHzNp5MFAhqmWI1hp_cSdWN2kRK9VwNASP5wAaMfF7BzEQgnmBPJCdM8YSiIZ6xOiuiDUgngGEVaT-dpvqFMaOQjcAbSaoKyzHKR6VxCSyqj1L9fWFcg5ZPtXzMUytiQLaZ1TbvYuY2eizQHSmJX--06vckZR_kzObDn93AK064XeRp2jtDiLpVpBMaNVXTxSgnQOkcOBi7aCV9Q9LxOZ3fuLOo1UYSHY19eVNqaGOG5IB5Zj7LtqQI0hYTcRJ3VWOn_R9xMmaH3eV02rRMylySn9G14EOK2klkP3-qWhZzkBLzAcYkXHV4fmgS-SgRfHaTxM4X4Sxt4K22xcGZ2s_AqHtaMMyYv-a39oYT407bg-iLF3gDPfrvuExP0YDxIp-BZgGOUQ1uIBd_lkVoysMqbpEmtChWCvKcRiZkE17KATmA7QqErDGLgth9rThc6GElF4e_h_5LnagrwOagS9d-A0j6P-T25Vwo54jvOiyQUJmhtqJbZ3yIPEzv5o5VLtIkK9AeDEFu16Ndd7hQZVsxL40sxPQs8Hy6VPASGTr1SFnIGPho4M9XkQb_DNhFuNRL6J5v9t-xjT9zAyMxyCZmpz_nbTyANoc1WCkJiBQvMePOGrzqtknhBDTbQMIxZ8FgEMA-kg0s93ETq9xzonE4YUrQDmN8DWmY9a9pjFoEhmP--GmyOwhwWvqgREqgvWgTaSuQF59oLMnxnZ7thWVnnTGENCWLkBFXFbaYix25pKrEue1adhh_Hg5g_gmDPZTfawiwDMdqOWvbwDSTDrX_Jw4xXziiCvNVe_wvLJ2dohgENTKfOWsxpsFHDUiyAgs6xIztpYSMjp3sdfvNxvwOH8iuiVzfvR_iCoT8K55UV8mUIyQdj8DDRqlFa-qy0xHaeiTY4v3_Fk-hmhYVtgErsvqEjSKY2eEda8BsAwPJ_4n1OndcOkIZlUZjKog6BG7b14s0x4TD9M_ElYQe85i7wWBB6QLlZ0c1zHY-sybmKYGbOZQZUECbCNcntZwN9YO_A15-Y9kY5nP65MMXoA8CmNbx2LEfrTo_VFtnpfsOznDt3cIMhjUH0rTn9MdvgQjoFAFo_kGCGmpx9ajkZ50mJVvxDWdl5iVce748CzxewV8iSotOpuvW41VjxwWaKmEgetNDqIUTiRxbJXgJz6KLhKLtT-4bvYC9Ljpm1fuYWdugrXkV29CELWTafm9kNbWBZCq86WoUBhHwdBiTVq154qjd95euDUXXh2YBNDxSiAR5L4NeYir7MRcwgYXayl9B_bvxhcv-Rc5DtNwZQ1S7LHJS8d4zvAHKIwetgC_10KbayTjqIqraUj1DS4HIF3qcZXwwlTFG7zdWpWlOtbMLEQl3_CIz2GbaVa9CT2bJrYZroGz9L7pNwGGSBZwTutGnGmAeXCadTw6lFDFvnYW99600tyLYpAwuRDG8DDPvgUALodjpXfBsJjG3Xw7XaIkWZKSGfM7P3-qEgJlvL780axoONI7L_2tvN7dEEXz4PwyZUJQuuS8JB040_pfcjbtyz09TYGZP0XaCiArFVq-g18qsG-mSrFlM8bpqoMSaIJuh1GVP6O4hspAs_FZqVmO6gP-L_tPto8GS4SKDhH2n4Q_RxKmYFUlmI2Pv4gKXR7LKGVpsws84KlgSVu31AkLdiNnLqbElsTCeWpu8-SWuDdzlS61bYyOPihZKEKVBbVuj7kppyEzlm7dwcPaIQStYpbRhk0&cid=CAASFeRoqnD7DyXHgg15u6ssS8Ij0TKHxA&rfl=1%2Chttp%253A%252F%252Fwww.painaidii.com%252F%240

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74d25e2b9377908b77f4e08d42b8bfd32435030c911c057aa4cdf028c06f3456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31140
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6F4 42 B
63 B 48ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COcVPjdW8e9f6XJRdttInqDvNEeQbHK9wQ0qaAU_-R82IkNQy7EU2f9Vwf0WhRh6qCiUftRLd-29vkf5k2m4_GcYx3ipG52IHn8vJFBiMx911Y3AI

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6F4 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6F4 119 KB
36 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6F4 15 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 51DA 624 B
299 B 24ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNXwEtkLg6G4oX2E1Htr8DiRNm2jW8gnRaXEntHluNt9B9qildXs41Nl2tQjwqwTHvXyyBIGNgoEYLQUT34gcrJJmjBn2O2FhnvHxs0MpsstMD3bVfopO8KOL5li9hBdjZqAwjFgUSdwUHplxsGs5uwKKK1ZUzFKBIFlbRXf_9oUxMzAsZg

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 07:17:12 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1B1D 26 KB
15 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDuQSwxo1grrc3i9O6ne9FiGt4sjmraR5u0SCJ-yOTu9SvEBzMMv5BW5qvv7juZGSLkVBOAleCd3J6eIs0Fa56HkBCu6KyMuSnYVaPhRdffdMAK9ItVyDCVKiW24JHXsRdUS6MS9buTkvEFVYpDum-KMM_w&cry=1&dbm_d=AKAmf-DpcFgx9dfkL6wt0OSsaARSil00OFveXoG2zZ0YXDVS8QqtaVtOjgNyhVOznf6hOyVP_uWZijD7zZP1Kw7cOLWfVaZVSzXYkL8nwKo02E-s24KTUMGo5dy_yQ1mjjE6NBNDydsIn0YVBDbbX8mYW5f0iRvBfNoxbHDQYJRvt8rbai1DQ3PqkCwoSAaiKmCLMNyuopqlGyeAnhvNMZLdiIwh2CNayawWPH2zcOO71NhPyTqAVGhCEncakUXNGxd8wMraelXl68pt8Ld0PkaL5yOgzUJrFzthX1xDCRmVkbRbq0kBV_ws2FKTHgcmPNmMs_qfS6q18jKsAsceYgy79XG1Loem2t7DcY5x4zpBx_9A8PwNbK-mG5d7wlF9u0dgIKIEzujkIcHoPKEcf7S4zKplPobXl_EO3XF5SVbRYc3aLnjT0gkJTJORIkkbSdFChZ4RMl7KA5BWPVsNbCLthZMvz_JtmgkGj3m2xIztZeAeW7DFQuWT03T3WlRRJhd5Qxw8x8u4jLv8gksCJzjKDlikRZ1RQqWNKyxLlE4FUGqPCCmJm3kDldZ_D8bViY_6avrm_Kcvsy7hOHz-fc7sNR5dTiag26mFtz-UddhlnUqapTwW9Jw-S0X089EP7Ug9QOYumEI3eVktP88Fn_QuoOMHJ9sZmo5T7ib9OHDwgPOltfZpmV9DZT6WYT2QHfn4LLhvAsHYwq9OdRfGCNFV30AkfYwgNASx6ODw3Vg9g5pzvs5MTrZoOFzBVA6VVyd3WRd9vDDGoikEi6jG1rs-PjwaQpK1SSyli-DV8GVheEC4cnPfLOX1VN8FY8gCa9ReWTTFlUiveXEwvTJ2jAbLIM6-Oh8g3xrUOhBsEWCMUTuADUlHD1v-3ptaCOvurB0P82wpBx81Q4aiPuxT0Uic3-cC9di5XVSmWAtHSCUgFSeBB7Cz0VcTrnO-LWFK9KqzxaELMl-4Vo-1olyY_1vIWK2R6l5BQE0a4x8aRPyxw1dQ6BjV-kGnGW5s0HzG2Hc4jb0vxI0KQ9xKnmzg61psgVGt2yvV7T-AcIGFsnXJYtxDl3YfCMRuhUglxLymPT6mmh_tzp6Z8D-z82SzxrSMf3NyNbLY1-yYGGEYQiEtOwDrsCCsqeaxbmkEt0SjNvfnH6QZO1_agt-mpubRpo_Wjsji3gzLVe2myoH_--20pKk_wj76ByNQOkyZ273IqdZ_ISzouKHf5GWwfNqDPNAiTXnur_nnurE46tm7zoZRVui9e-Df-p-bKjHFuXcU8lZp7DJodUmPpoGKlTP6ggGqfHUSdhV8-UQpm-jKyWiBkl-w1z3Osi67g9iRujQyH6AOZKcL2-SMEbFSl0s7TwXNHPrCF3L2rQdjd_7MqBce5eTxoGyHGtFpru1AtwAARVIiO5fTWja7VL91yZIweC7QGrFIbr7lcxrWLt81kGI7kHN1KCDkWXCIcoWST3z6yADBqfTU7SVH0WNNEhQRWslMDuMyqe4p6sdhTbHGjF3t2R-vyTKsL1MeCBWJwkan2UcnkeUXM5NdpZyQ3YlJUJzDgwuvEH6v88Db4qLQgJ0KmMufClOGS1DC-1RaMIAg2sqTMscQUxCGulgnSWqlUNK8ACH55yU9W7R2aftzdq_tRldb3gDG0g4_5xx6XMpOp5SPeBY39jkCX6L0ZLA1hhO-awBwuZvs9bfR7rkAnHs7GWN5AKapFYByc1WF7GwFhq943g9nbA0jrhn1dKrizQ0syeAOfsb76y7NOVXA3fdN6LQRdFCam_koKI92Wqjzks20iB1t0CKrzAUR0xnLJcZ4jtc3ORvrJdfYfBfF88ljIPSROeWhHeDh1s9WpdWFVezSHjN1wXnmr5aayhcIKx4I7HMYbSHDZrvIyQ-W4s5T-VayA0-pSUaZkOK-eKc6LikZ3unjmNy_BGqwKCw9I9e8jOL9hMpQ9uQtodjZGl_NwXp04oHORF8Qf9XT14kiebLwhtRpBfkdlWSHIdQKBOBLw6HTve-LCjeq4ZIHAOFn6jHJjZPkHjaMpyNynFBKnFeHmIPYOGFI9UIOLwLEzRCBZnhIQ0yDnBbNPT8apvqOz9nxU2F8QwQgBt2XprueVZpFLPmwynbJ5kkeKxA0eKOVMrAfnfMfbrni5i94TXHtaDYVOFcNHuc5vo9zEGY2oxJDI3IhFDo-wUYhkofIc4TluKHEyncTR2IZqQvnY_VaBNGO1b2spOVq-0fRv9OaLW6d6-fNmOYNeBOPPlJoZVuQbuNzM82L2xa2ChSmokfu-nqLBbvTDoqTE-qmAqHBvgnlup-QM4kcX4nPBW71zpbOrAQIgT8wZ2pMHEws6ueTHOFrhGgjnNA5hkUKnxz-OJqKdJju-1RRMXupENRMwp-Yy3NkwzHDPtnf10bUeRmN2vpEDb6_m_FUVobTGv92EV_bakN4DvNlnVfR0TsUliwk4g42r2BHd9hw9hBjqFCyqb0D13LTM9rgFftrJfkUSXOiRz_fvNxQWtUOaIhbvN9CuTmaOBQnzcPah36yt7VhSckdoduiZGY7jSdAgv80G0NnXDfIEpJY13PU_oBqE2cjPq9DqygUUisgUdyoiRqDkpFFFl9Ikq3VA8BI63RPeTqRWoHc0urQm9E6iwcWSltBFNhrJ-4T_rkgkyQaraey-4iHGg6FxYZA_EbdwwulCh1P0EgqVW2Wyu9a0cVHiWqqKEYUpDXv6Xa09tj14U9gJekln7o0vpfVKBJSxtkaHBkMS9R8Kg4qDqNoZbTZPP22pYEEe4nugxFctErTWsvxr70dGeo7nevC5UbKyCvJFBvbf6-j8hXh2MgJwNdAqIuq-MTplcvVaTweBPG1efYoMVL4V88Vx71lN1wFcotsQ_bXyIHhjM3viCt34AuZsbwXH0cvhwCiouBLXbI48mAO1CETcWH6xqPfZlAKA2yxQ4iyEiTfJmFDWnXGTI_VqtCuUoBjWd_XH7E9DNxYGYu8WSK8lHJTJvrMfC8H0f0TTOIfKehKN_3QKD6W52vEqLxdmOfLbHHvUpd1122QXg7XyXI5rGiETc4EWi_g3CuvUBeyXMtup9-P0V8qA28mYPOUZf6X4X_Nb4SGokTOwT50AmF5STF4WjmEZ9qeOg3KEiyiy7wnH9hEgNN6-VVIwHxAeQgXtvJZwvEbpe6WwC-liML1Hee9Ayh4mk6kyjXqS7mcri7bXjmFMtAmq4mi1KeGUHUPdKj8_49PmBaxK3ovMougWa91OaxY1q3CnkGnf3uxHfVe3pa_pDHvvcbPJrAG16Tq_CpC2yyeXYFbSRUsgVPtR5y_Ed2LVxCdAr2oIIhHdCeXK6z1mjAUcdyvY0ITWU1IAnjq8kaEJx26rMvwA6jTqd1Z4YDj-XuJR4PZzeQaJuoSAn03c8_-5Jn-Nxsl9LnlYt16y5ZUQLi9VRmXH6-jM4GcF2NOXoiBL4-5measrNSS8rTSj9WK-_w274HyZ27BiLny2iujBSoTwpC2wc1CyN2lrSk&cid=CAASFeRopp22j92RVw0CNv-9dOfx_8exTQ&rfl=1%2Chttp%253A%252F%252Fwww.painaidii.com%252F%240

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc328c6b028a7c5a3d26c6240dc67f412897a736acd3d13a1a8b0ceba7bab44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B1D 42 B
63 B 47ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACN93vrMcr8X3dArkHVumRZq_QFZL5Ybz0xNq-vYzQchkgfADTJD8SHPpKOuhsQicneXKKvFsKcP1Sxis8k_aMlEsdEy24Pa4IVQq_2AIuNHSCM7U

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 1B1D 9 KB
4 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:46:08 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/774473/57793669/ Frame 1B1D 46 KB
13 KB 490ms
58ms Script
application/javascript 54.76.210.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/774473/57793669/skeleton.js
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.210.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-210-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2980e6f99026fc58ebeae9dd5ab55e23249c20e5c930edf6bfd4bd0112463dd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
x-server-name: app15.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1B1D 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B1D 119 KB
36 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1B1D 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:52 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 78 KB
46 KB 11ms
9ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b56e281a91282c054e586e8194681c46c29bf476a6f47cd3483428196c354c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Mon, 22 Nov 2021 18:42:41 GMT
expires: Tue, 22 Nov 2022 18:42:41 GMT
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 46565
age: 390871
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3DC4 0
0 53ms
51ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfUAgd9uhYdL5KIuR7gPHzJ2gC76Rs9RmnaWej8MOtqTyjNMHEAEg1_OGImCV2raCxAegAfCduvIDyAEJqQI9UZ7Elf2yPuACAKgDAcgDCKoE_AFP0EMP331DU3cxQ0pkYZ7SiXrJAg9oXc8aUQIgbdqON8QxHfuAIn4x7GBYf1OMO4oU0ZJK76Wm__gOK3LpW9SfFfNDbmUsWOb2jVCQ_N9C7EirfkqpZwiZ3At-ozFfsxolTLf2gCIYkGE-7mhMUeRyyJHmNHCfMXawwtuwrlwl8iP9K1UGObP7rNK6JOadKlUKTEtSYn6upfig3ZCE9v-9dz7Nk9rybQcetSZVgSzr7yS7NVIzERTxbZs9fzdoeh4E3OEQFwar8ei_OmHX42ATcuXtfd3amk_OJIJ0xNU3VFlMLeHNsOMABuVf72eUt6LtNHp_cCn8vnVNhDPABLaF1-944AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jhxQ2oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCjmCTSCAkIiOGAEBABGB2ACgHICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzk0ODQzNDAwOTgzNjMxNBiv4Rg&sigh=KT2QLzEqJTg&uach_m=[UACH]&template_id=419
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3DC4 19 KB
8 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3DC4 2 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DC4 119 KB
36 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3DC4 15 KB
6 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3DC4 0
0 47ms
20ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlQJyB9rEwRF-UmFYlxbQ1tSY4fW6s8UrmJrQReZTdCAXT2-xo1CtoBp7mezSL5OO0uu8-K6FZ-6gC1DyD3Mqt8utL7w
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E070 624 B
297 B 32ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNW9rJlJE_6Jtt4yEDp54_CC1lPduf5bo3JsMcnNEbrtsUia-ysH3xoIx24wklRJxw0zj27xn9nUcurmc3oKnzIf_D-9UzxChF0sC4--Ypd1PntWq4_twt9AJUeFeQMQ55MHPAkWwS1tL7SG7ZQ9v3uYNqL4k9c41FGymTxazfQ7jr_VrtY

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 07:17:12 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 59A9 25 KB
15 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BARs_5iIfzwPi-N4kN7hcuu4QOWZTbAvTyJD-Uuxo1fLMWoFPTEbfIglXYv39A-D0a40MIZeHg6kelPpRy6LJgSJDWiacIUjkcspp2cGRfT9HXy3uHKFzQr9QJka6G80eY8NBugBBra0vnCe2epfBElQ30qQ&cry=1&dbm_d=AKAmf-ChQNiQtz66SGp2qftWM1th57Lkwxyu-mMclwiZfitIlsXAidLSgkfAYohQr22PZrQbktXxmSgHeNnuqa5sj4aUbjWccrIYxw6mgJPR1X83g7tTW3SUwNX6QQngv4Qma37LNI7s96-DDI_BJBcv60kGIUUR44cs6_cBqFbfXW9Eoqb-71-HbK1ziSFUzHwQYHYpvedWnkQr4pp_SyXzDvUuo1IEBkWpT8svXg60HgNsvyOoBP_CW7jmBOsGq2aFVxPJZsxjTSS6SnT2JnZ-loLWzdNkj3Iv50gucyGfxT84wny5ZK37ASSwD4Yz0aS33Mzi-gTGAWmOQBuUl6P8fz3io_t_dCtvBl3BHcrBRtJzw6posZVA-By8p_W19FuZymbxHxFj6HFxp-leXSrkd3gwJIZQOxvOPIUWKlCG7j4WGmL9Jc-LxKmuF4Boi82s3C80Z3KK7zKQ1w1bdW0moUmXHso7w4tRHbc7oGSRP6wYeGEEPGG8Zcuu9xFD3Yirz504Ij4iTtCsq2yQEoP7OLOM4RqLwFD4W19a71HzRpfbaI3OhwrqzznT4oPMfa88u6vezNns1RYqc_MPxC8RM0EVmC1tF-x8yc4fKa1KQn-N08rRly7TKEO6fy31JChCKO6Cj-c0DouZhdX1GlJ8O7B-HCEpwYXMVwiUBeHdjnOa3r_8mx6r1En9EpoQNOiW2qwWfux8XdyxlqZtR-Sa132DXDQXRKL8Oq2CBjMLApzEKR9dBGUpr7Mt6jJ6KOtlA9jt4mBnnqNO0Op9xdhSO2JmWahxFNyuH9thdxK1CtZqU0XnabfVIFELRJBd9jPhWRBTc5AaHyLJYUh7C5vafU9T52p-b8oWS1tN7Y2OFK1V_2AaSmsjG1YwxMvVZj4fuJe43hjgRBoRyqoJwIAJ53FzTOpyt8dB6B9e_akhM9iY_RfnovALwqaeNFGfY4cFwRRfimJAhEfMBPPSORxqCm73LuvM-uzpk3mC8yL27E6L2L1uEyIu7JpQgq9FjYdffdMMCmn7wOOY6z2YwgS3JDi86-BsjIdmngjdyYDfbQD1HCbQR477k-e4llbA0Vsr0Qe6jaEEocuyU-NemLlzpUlKzjA13tHVheet7Wjh-jBRvd5Lpbex0swEiaE4L_kmfnutfMmosm2D7-41_cppuht686_IipzBxufsxmCWTFXuKQZ7VpQr-t8o9dibhzmFHbfRdS-xRXkvJXyPIgbuRgCz-ozWzqm_ikThQLk1D9_Z_Kd6ib2AfCduH53go90lSFi2fUeITwWrSXP_bDPM2KDdCCSA20GLNw08Etz0F7yAMvPjQsLEyZsU216y7tcH3OCrre3PFa2z6p2j-7Or-Zr46JLkD-bL8lvtiW1SWLAfyhmlXb7-jKVfJ69PPl6Nm83-6VX31g3HybxUqxX-FkPpdGyN1XZZv132FU3mgihk0gBbGYJZlyXrjDZRNjlBcLlBkSN9yTFHW6PAX-DMTMLZI1Jk1rODaQcwnh0N7zYRC4RmqNMQeyiIcdJCAXrOX9IqP0dR_TIS7EpFZiSxiqJpFYIT3okuJTKyG0ZL7nPaIcf4xB75V_A4XHjknr30BKAn0DV_sCX4PuWqK6NrMfxTv4uCYZ0xaKriY_rdBSyolVViMl09eZ0vxYG69sSwrLHuiKyCLHGHw8E3Ersezc2zKG3W6j7E537lRfNRnPC9oHmK0tSV6ZAOJHEwbYzlfKZ-XiCTodG860Qy3msgLxdNJjiyfau_6Z5oDXGIqixsOcNPlD7cyZm5jHrYjIEquzepBfzyiuAKobssC4QBP-X3EfmU56VnqOb7YVD9QGnd7typAv57KsvwXz-TjU5Nh5joTpzdpuWEDtS0pMubTlmvsCYjkujZ8hXZ-DsHPlBKCBPKsj51x8seG6FghnFwR5Svzd8U_AWXoGmBusqNDupmmr2dMwJn5EjhrW-aNpMKWLzChX_OZF-rQxWzJOLjTIxr3oAYnOfs1crXeguikhit6a-rbnyklv81ejJb_wH5HtsdEqALTvmOcr-smZk-KuIF_piui5tkO8ZLI08C2XoHOo3RRwiqyey-R4so_KeID9fjW3iwrGIdKCl8SR7EjkuMcIsZVy1uRxdy7z5R0XyhXwykd-QDGHn3u_1Ile30JYhblLO4kvOg58dfWrCOlGPQIudtHu7I6wan2GOvRqnRr1MHWieX30OWuOo1ZxfSm5WDjcZ-sahsDz-G24G0tMa3fonE1ETslXbRp4Z4La_BBONllK618xTz418p6xOGIFSQuIIg0iGxm4kdtEjYQHlwBreOMow4XWZRoAZvYVYYj-xtdPsEx6Hqo2m5BtH55gAt8WSWqFcIUlaHPj4wAJkaxOb6SmW8oJojMhz5quYoxJ6aY33VQLdzmK9XZKmCyL0Vq8Zb9bVA7fqZ9WnsP9avVsuhlC6KOS_QcDqWZ4Fr9MvU0DlMvl5tfnVRZu9WMGrQn8NnVa6UUe5fo0RqwZrXdgpxoS9qE07qgOBoubC7gds_2vKKNrKMKtJUI2ea5Os2rzMV0LO_s9HOf8a1epNE9B4PN0yf4IgguHj_d5B7rdjQELA2KjFFaFWdlvUnpo7GhgrC6LYdmMSiCgzw1VXv49KWdhU2d4cDVUX2Eqlph4z5Uejt_4y5GwTK-dA3gBX3kf7UBAEjUMmrvpzFJgigofpSrxR_4y4W9Eh3yUqoPjSyEZTyI08UimlA12e8mv6qKc_RFQ5uNPcyyj1AzoWQ1vKx1vOFGHlOeMR10DwZdARRSdAIR7lCnEoFeKnVfkeo1Ba9m1Bjywm8NN6ix9XYZBJtWvJlKUs2TgYoHyk50SnEdmb23FZKKvlyAKN78Wb7fiClYW9Ms4uVf6KgyRqbzHA4e6b206RzsJl6DhvAnNHDu-U9B5iVYMMixZYZhP0P2nruXeDlVhzcxg-Y-1SVaLQJhzQKdphJr8We-NU2mYhf5uIQkPKqTiHlrLTB-2CjUX_l8cr_H9Odvhllgnq7P0RkUNFNGpUlUkh44r1jRDr97LCD5cQ_wvhYDFzc78Igy4XnL2tyxNVLkoU9yECbQoYqJH9Swqcfk6uRldAO6CbGhRgYgxvVfLIr8vPYZTnO0UBaoUjqd27DYOiZNfyUErBpsijwHE8WtBrtzLyTXp5p9y-oq_oWvonQeDp3IJKe0j0jsFGuIZy4fMoochCNN5XvmT9oAELRAeF3Dzh7D6ZLqYgC8hkjSVmclAuIdHIv2bvrdYMfRj7MCHJqzwWbcDMIVpMeDAvJ0aCdw0kbpiDXe9ayTWw8QcYAdOexcLN0WQfOJ2eGd8DDB-mwdJcRUa8RUbEJK-X6_-6CkLh9swMgq1noHAiHgnpo6tfYbRzbWsHTmEjcInrAgtEuyCM958PZ32lJg5BCs8JdTHYXx7TA3tO5nXiXFSll1kxatETJPdAYG4uBv7IUg9CvV8TZ7XrswEyZkjzGhzErfYjSa6FmqAWYa5AtyFX0QzlLgZ3sEdQ&cid=CAASFeRosNIpA9fsOtNqPiWafv9L6vfV9w&rfl=1%2Chttp%253A%252F%252Fwww.painaidii.com%252F%240

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f44e99175cb5e0c105ebffb3da8a895065c8e30b1d5fb7fa5a6c30ef74647a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59A9 42 B
63 B 47ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUmE9GHs-aErAeMbxqmih2HH7a_EbbuXJqw9Twa3BEDjKC5zZYcCxQZrzWhQatrzODvt0QnBaiprmNLMZmZt4nARroQodLYritiFYgG44iLBbal3I

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 59A9 9 KB
4 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:46:08 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/774473/57793669/ Frame 59A9 46 KB
13 KB 475ms
59ms Script
application/javascript 54.76.210.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/774473/57793669/skeleton.js
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.210.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-210-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c3bff1cc758149536488e4780e3ff02106fc8912dffea89b887f27d30dac568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
x-server-name: app20.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 59A9 2 KB
1 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59A9 119 KB
36 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:17:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 59A9 15 KB
6 KB 19ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:16:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 59A9 0
0 43ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeLaXm5aq0Z975e6I1bQHzy90eQ2ItYPbZW8Kzq4pBrajRt2HSK4G9TNV5maRDvXkd8AXRwZaJ2o9AhNw5W98W8j75wQ
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8975 35 KB
13 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A77F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1

43 B
894 B

63ms
38ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIe6qbsBMAE&v=APEucNWISFRqvlRjdUGxHuLeH5p7CxNsJgrh8CBzSCr9r14IFbul3eeYuyMp5Jkk6UX38GAYO0MwfRCpN-3yk_GmOzXqXr34R706knYYFESCHwG_Plsmz5bPq1v33oEND5I4EWEDHpiis4LVsmnBTV__fUU4whfw5ehjvhg14fRSlqyIG7IeJqA
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:12 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A77F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW.wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2

43 B
1014 B

30ms
29ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIe6qbsBMAE&v=APEucNWISFRqvlRjdUGxHuLeH5p7CxNsJgrh8CBzSCr9r14IFbul3eeYuyMp5Jkk6UX38GAYO0MwfRCpN-3yk_GmOzXqXr34R706knYYFESCHwG_Plsmz5bPq1v33oEND5I4EWEDHpiis4LVsmnBTV__fUU4whfw5ehjvhg14fRSlqyIG7IeJqA
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:13 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A77F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

43 B
1002 B

35ms
23ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGIe6qbsBMAE&v=APEucNWISFRqvlRjdUGxHuLeH5p7CxNsJgrh8CBzSCr9r14IFbul3eeYuyMp5Jkk6UX38GAYO0MwfRCpN-3yk_GmOzXqXr34R706knYYFESCHwG_Plsmz5bPq1v33oEND5I4EWEDHpiis4LVsmnBTV__fUU4whfw5ehjvhg14fRSlqyIG7IeJqA

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:12 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c22d3548-4a39-43fc-a737-0f93bbb60c9e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A77F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

170 B
188 B

15ms
15ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:12 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4719d229-2104-4d77-b1e0-8fafc968c645
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1B1D 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDuQSwxo1grrc3i9O6ne9FiGt4sjmraR5u0SCJ-yOTu9SvEBzMMv5BW5qvv7juZGSLkVBOAleCd3J6eIs0Fa56HkBCu6KyMuSnYVaPhRdffdMAK9ItVyDCVKiW24JHXsRdUS6MS9buTkvEFVYpDum-KMM_w&cry=1&dbm_d=AKAmf-DpcFgx9dfkL6wt0OSsaARSil00OFveXoG2zZ0YXDVS8QqtaVtOjgNyhVOznf6hOyVP_uWZijD7zZP1Kw7cOLWfVaZVSzXYkL8nwKo02E-s24KTUMGo5dy_yQ1mjjE6NBNDydsIn0YVBDbbX8mYW5f0iRvBfNoxbHDQYJRvt8rbai1DQ3PqkCwoSAaiKmCLMNyuopqlGyeAnhvNMZLdiIwh2CNayawWPH2zcOO71NhPyTqAVGhCEncakUXNGxd8wMraelXl68pt8Ld0PkaL5yOgzUJrFzthX1xDCRmVkbRbq0kBV_ws2FKTHgcmPNmMs_qfS6q18jKsAsceYgy79XG1Loem2t7DcY5x4zpBx_9A8PwNbK-mG5d7wlF9u0dgIKIEzujkIcHoPKEcf7S4zKplPobXl_EO3XF5SVbRYc3aLnjT0gkJTJORIkkbSdFChZ4RMl7KA5BWPVsNbCLthZMvz_JtmgkGj3m2xIztZeAeW7DFQuWT03T3WlRRJhd5Qxw8x8u4jLv8gksCJzjKDlikRZ1RQqWNKyxLlE4FUGqPCCmJm3kDldZ_D8bViY_6avrm_Kcvsy7hOHz-fc7sNR5dTiag26mFtz-UddhlnUqapTwW9Jw-S0X089EP7Ug9QOYumEI3eVktP88Fn_QuoOMHJ9sZmo5T7ib9OHDwgPOltfZpmV9DZT6WYT2QHfn4LLhvAsHYwq9OdRfGCNFV30AkfYwgNASx6ODw3Vg9g5pzvs5MTrZoOFzBVA6VVyd3WRd9vDDGoikEi6jG1rs-PjwaQpK1SSyli-DV8GVheEC4cnPfLOX1VN8FY8gCa9ReWTTFlUiveXEwvTJ2jAbLIM6-Oh8g3xrUOhBsEWCMUTuADUlHD1v-3ptaCOvurB0P82wpBx81Q4aiPuxT0Uic3-cC9di5XVSmWAtHSCUgFSeBB7Cz0VcTrnO-LWFK9KqzxaELMl-4Vo-1olyY_1vIWK2R6l5BQE0a4x8aRPyxw1dQ6BjV-kGnGW5s0HzG2Hc4jb0vxI0KQ9xKnmzg61psgVGt2yvV7T-AcIGFsnXJYtxDl3YfCMRuhUglxLymPT6mmh_tzp6Z8D-z82SzxrSMf3NyNbLY1-yYGGEYQiEtOwDrsCCsqeaxbmkEt0SjNvfnH6QZO1_agt-mpubRpo_Wjsji3gzLVe2myoH_--20pKk_wj76ByNQOkyZ273IqdZ_ISzouKHf5GWwfNqDPNAiTXnur_nnurE46tm7zoZRVui9e-Df-p-bKjHFuXcU8lZp7DJodUmPpoGKlTP6ggGqfHUSdhV8-UQpm-jKyWiBkl-w1z3Osi67g9iRujQyH6AOZKcL2-SMEbFSl0s7TwXNHPrCF3L2rQdjd_7MqBce5eTxoGyHGtFpru1AtwAARVIiO5fTWja7VL91yZIweC7QGrFIbr7lcxrWLt81kGI7kHN1KCDkWXCIcoWST3z6yADBqfTU7SVH0WNNEhQRWslMDuMyqe4p6sdhTbHGjF3t2R-vyTKsL1MeCBWJwkan2UcnkeUXM5NdpZyQ3YlJUJzDgwuvEH6v88Db4qLQgJ0KmMufClOGS1DC-1RaMIAg2sqTMscQUxCGulgnSWqlUNK8ACH55yU9W7R2aftzdq_tRldb3gDG0g4_5xx6XMpOp5SPeBY39jkCX6L0ZLA1hhO-awBwuZvs9bfR7rkAnHs7GWN5AKapFYByc1WF7GwFhq943g9nbA0jrhn1dKrizQ0syeAOfsb76y7NOVXA3fdN6LQRdFCam_koKI92Wqjzks20iB1t0CKrzAUR0xnLJcZ4jtc3ORvrJdfYfBfF88ljIPSROeWhHeDh1s9WpdWFVezSHjN1wXnmr5aayhcIKx4I7HMYbSHDZrvIyQ-W4s5T-VayA0-pSUaZkOK-eKc6LikZ3unjmNy_BGqwKCw9I9e8jOL9hMpQ9uQtodjZGl_NwXp04oHORF8Qf9XT14kiebLwhtRpBfkdlWSHIdQKBOBLw6HTve-LCjeq4ZIHAOFn6jHJjZPkHjaMpyNynFBKnFeHmIPYOGFI9UIOLwLEzRCBZnhIQ0yDnBbNPT8apvqOz9nxU2F8QwQgBt2XprueVZpFLPmwynbJ5kkeKxA0eKOVMrAfnfMfbrni5i94TXHtaDYVOFcNHuc5vo9zEGY2oxJDI3IhFDo-wUYhkofIc4TluKHEyncTR2IZqQvnY_VaBNGO1b2spOVq-0fRv9OaLW6d6-fNmOYNeBOPPlJoZVuQbuNzM82L2xa2ChSmokfu-nqLBbvTDoqTE-qmAqHBvgnlup-QM4kcX4nPBW71zpbOrAQIgT8wZ2pMHEws6ueTHOFrhGgjnNA5hkUKnxz-OJqKdJju-1RRMXupENRMwp-Yy3NkwzHDPtnf10bUeRmN2vpEDb6_m_FUVobTGv92EV_bakN4DvNlnVfR0TsUliwk4g42r2BHd9hw9hBjqFCyqb0D13LTM9rgFftrJfkUSXOiRz_fvNxQWtUOaIhbvN9CuTmaOBQnzcPah36yt7VhSckdoduiZGY7jSdAgv80G0NnXDfIEpJY13PU_oBqE2cjPq9DqygUUisgUdyoiRqDkpFFFl9Ikq3VA8BI63RPeTqRWoHc0urQm9E6iwcWSltBFNhrJ-4T_rkgkyQaraey-4iHGg6FxYZA_EbdwwulCh1P0EgqVW2Wyu9a0cVHiWqqKEYUpDXv6Xa09tj14U9gJekln7o0vpfVKBJSxtkaHBkMS9R8Kg4qDqNoZbTZPP22pYEEe4nugxFctErTWsvxr70dGeo7nevC5UbKyCvJFBvbf6-j8hXh2MgJwNdAqIuq-MTplcvVaTweBPG1efYoMVL4V88Vx71lN1wFcotsQ_bXyIHhjM3viCt34AuZsbwXH0cvhwCiouBLXbI48mAO1CETcWH6xqPfZlAKA2yxQ4iyEiTfJmFDWnXGTI_VqtCuUoBjWd_XH7E9DNxYGYu8WSK8lHJTJvrMfC8H0f0TTOIfKehKN_3QKD6W52vEqLxdmOfLbHHvUpd1122QXg7XyXI5rGiETc4EWi_g3CuvUBeyXMtup9-P0V8qA28mYPOUZf6X4X_Nb4SGokTOwT50AmF5STF4WjmEZ9qeOg3KEiyiy7wnH9hEgNN6-VVIwHxAeQgXtvJZwvEbpe6WwC-liML1Hee9Ayh4mk6kyjXqS7mcri7bXjmFMtAmq4mi1KeGUHUPdKj8_49PmBaxK3ovMougWa91OaxY1q3CnkGnf3uxHfVe3pa_pDHvvcbPJrAG16Tq_CpC2yyeXYFbSRUsgVPtR5y_Ed2LVxCdAr2oIIhHdCeXK6z1mjAUcdyvY0ITWU1IAnjq8kaEJx26rMvwA6jTqd1Z4YDj-XuJR4PZzeQaJuoSAn03c8_-5Jn-Nxsl9LnlYt16y5ZUQLi9VRmXH6-jM4GcF2NOXoiBL4-5measrNSS8rTSj9WK-_w274HyZ27BiLny2iujBSoTwpC2wc1CyN2lrSk&cid=CAASFeRopp22j92RVw0CNv-9dOfx_8exTQ&rfl=1%2Chttp%253A%252F%252Fwww.painaidii.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:15:21 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B1D 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6981 9 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 27 Nov 2021 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6981 26 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 27 Nov 2021 14:22:06 GMT

GET
H3 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 380982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Mon, 22 Nov 2021 21:27:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 21:27:30 GMT

GET
H3 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 24 KB
24 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e746c385ab6f4ff90951bf1b6abb87ce52b68528a6856cd95edfd439c51c18d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 390898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24250
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Mon, 22 Nov 2021 18:42:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 18:42:15 GMT

GET
H3 200 logo_tire-guarantee.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/logo_tire-guarantee.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd7dc76bbaab8db1dd3b2291a9b1b52b1891f1f427984f3ac3c43c85a5044f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 320308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2817
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Tue, 23 Nov 2021 14:18:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 14:18:45 GMT

GET
H3 200 logo_3pmsf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/logo_3pmsf.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd636ed4b03e568143d69b0e7147a1e5e89c5ddc1243320069b79246ae6e22

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 273966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2564
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Wed, 24 Nov 2021 03:11:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 03:11:07 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 57 KB
57 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

798df381b75fea8a36996a6cd24c454de79f1f84990b18a317096241184a149b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 273465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58017
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Wed, 24 Nov 2021 03:19:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 03:19:28 GMT

GET
H3 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 273966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Wed, 24 Nov 2021 03:11:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 03:11:07 GMT

GET
H3 200 logo_3pmsf_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/ Frame 6981 3 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/logo_3pmsf_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14346135119744995162/nt_w21-DE_300x600_nokian-seasonproof/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da46754ab097219c68cc82cd9cf943248d15c5fe9c45f2116d28e778cd81f52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 96114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2674
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 07:10:56 GMT
server: sffe
date: Fri, 26 Nov 2021 04:35:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 04:35:19 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame B6F4 106 KB
38 KB 57ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Origin: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:13:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame B6F4 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXTy8L41I42LMRy14PW6kBQO7PUg5d4R3cN0YEWaNyChN6W3cdoL4hSNoCgsS5NnWIBJxIxsJ5jWssCdD9WPViY-TqH0qEPVQroeVoEt8MCp8pxk0QBQwVpA3syAv9tMTZ-aKjGPESBnpg_n71xyXNFJrPSA&dbm_d=AKAmf-DCKz9fcPaUuAH-zOk3G-tL44gbuR7kz4Iv5kHsckOTg46dvkrdvwwOzDdM1o2FRw4ysOiGvqRTo0j4pcO35GneysGi-5CwvGkwjL4MH1rIXzGRz1BKUMOvAqhHRnTHEmh-e8eFIc7p19ykYIIXb9OeIzqHZInj_FJB8JRpakr53rfe9CvC_qlfjj8GHMcJ9SYLs2xY5cQmxvP6ABvFTlG79Qu8MftPoI4EuzCw2hhZMLW5XNopJYRgTT0JvmhM21yf-AzQRBaoRyWHFRHCXcvj8fqg1OnbabwVEqbhXGlBEBeSS6sSDXqgvsdACC0NRTM28XBzkMWyGnJJY63UI1sI2czRitqXZXGII1dKFtBJiE-zuln2eK4uvY4F_dnsGvJk2pv9mAivzmjOQzwDkigmGv-PADDl8V-0gF8ovTglW3H_q6Dmnhf8rZjB3STvX3xcrhSYZjBeRDI9eO6m3LEtgzT5bKFpXcnbLXU32ELdokEfj7zeFjnHt5igShp66VMTXcgE4J9erkpW-G1lBPz07ZVLbEryWHFKe7h9KwjAa1Ctz45STd542Umpnkwgt1P-aDOTNFjq6t7EfxtdJuJhqRMavrOGupFAtnTA9wwGJ3g6uWrsOM7ucc8rnn1j1n5KRLyEkoON5tRwWuHji2WMgHIjGKpM0KqwBuqq440v8cAGdg-awKqqXVbt_cAJectV3ALpBCPjAOurZvWQ3t1NtVLog38dmk2XH0XZ_50vDQiuTBkCGn02F4UU4Y4clfDj6Zub9_vGfl6E2RQLhhjuzXZPHDShN_tKKB7jvbMI5D1ZmvtB899nyFSmHAsI7NZsQbANx3NcOpnny70-QCiIhwGsahXEPkFfiBFieyKjd80QKqSqXuFrgccegesBq9nRr6Azi3ls1fg9ZCdtoS8fv66ZEVdJLP52VF5OV_myn4ZRGOXFEv2Mpse_iwFVTPkvafZ0_YBnp171gMQ1cosO-pkortO4SphCn4Sjoyn6BTFYs3MqDDZiu6aM5Gs11LmGQZoYyvvUsz1jWyHXNSAHIrwydf41XDV4OFYo1sb9av5jieLVpn7kmy9qZ8TQjnrJD1mUYm0NUQHIdy9VHLQhF7RFKDDlAjLjXfSB8gIdVO-226yUNPtpm0Bn07L1ByIrbwhzTpkg5xIgUrWcuev2CJvbHuarGSZdmX6gfdn0lZP-fn3SZOlI8y1ZaBOoiov39tUJwmF10hgjLTxQFDuhyyU2r0n-qJWB1Hdjx6f8rN9u0jOekMsX_VVjSUZFagcsgfn_BvqAVbllqj1HaKJF_hMjlRdcZWVW8rMJXrAAM3SaCVuEb-koXBFQrAV62AyExZf_589PeWbiLvUNAGbF79OMH2LY-dAiW6nAOw7AskD1wFQRcFWyIWsnl5tCEgre_ZWx0R3g_twG19d5g2x-TU83TnLbNXqJClRSau-GiPdduUZsznVKbA55yX8cwM9ObLttco17nP1htPBoibulfdmi5rduBHCgyyuvy8-X_-A99uICIHftHqE3GCzLItDlc3bbOm2LiFQJAUt8T2nG-jj3EEy9QCnJrepYQ-bVOwEmJdkN6UnrdhMo3ODtT0jg-OwXVMbRX5X5XkP6cI3pwN4X0T6zZyY-TXiOJmAltE-FaCnTGHMuQenwMM7Qd-fz6fPcEiT0AJ31wj2xazbFeyANNfMtCXkxBDmckDYXYjTeChiExk-534cYOXcZjSkvvPzJXsxDw1kN-xgwRjElJZRelxqarEqk5sErb_CHzNp5MFAhqmWI1hp_cSdWN2kRK9VwNASP5wAaMfF7BzEQgnmBPJCdM8YSiIZ6xOiuiDUgngGEVaT-dpvqFMaOQjcAbSaoKyzHKR6VxCSyqj1L9fWFcg5ZPtXzMUytiQLaZ1TbvYuY2eizQHSmJX--06vckZR_kzObDn93AK064XeRp2jtDiLpVpBMaNVXTxSgnQOkcOBi7aCV9Q9LxOZ3fuLOo1UYSHY19eVNqaGOG5IB5Zj7LtqQI0hYTcRJ3VWOn_R9xMmaH3eV02rRMylySn9G14EOK2klkP3-qWhZzkBLzAcYkXHV4fmgS-SgRfHaTxM4X4Sxt4K22xcGZ2s_AqHtaMMyYv-a39oYT407bg-iLF3gDPfrvuExP0YDxIp-BZgGOUQ1uIBd_lkVoysMqbpEmtChWCvKcRiZkE17KATmA7QqErDGLgth9rThc6GElF4e_h_5LnagrwOagS9d-A0j6P-T25Vwo54jvOiyQUJmhtqJbZ3yIPEzv5o5VLtIkK9AeDEFu16Ndd7hQZVsxL40sxPQs8Hy6VPASGTr1SFnIGPho4M9XkQb_DNhFuNRL6J5v9t-xjT9zAyMxyCZmpz_nbTyANoc1WCkJiBQvMePOGrzqtknhBDTbQMIxZ8FgEMA-kg0s93ETq9xzonE4YUrQDmN8DWmY9a9pjFoEhmP--GmyOwhwWvqgREqgvWgTaSuQF59oLMnxnZ7thWVnnTGENCWLkBFXFbaYix25pKrEue1adhh_Hg5g_gmDPZTfawiwDMdqOWvbwDSTDrX_Jw4xXziiCvNVe_wvLJ2dohgENTKfOWsxpsFHDUiyAgs6xIztpYSMjp3sdfvNxvwOH8iuiVzfvR_iCoT8K55UV8mUIyQdj8DDRqlFa-qy0xHaeiTY4v3_Fk-hmhYVtgErsvqEjSKY2eEda8BsAwPJ_4n1OndcOkIZlUZjKog6BG7b14s0x4TD9M_ElYQe85i7wWBB6QLlZ0c1zHY-sybmKYGbOZQZUECbCNcntZwN9YO_A15-Y9kY5nP65MMXoA8CmNbx2LEfrTo_VFtnpfsOznDt3cIMhjUH0rTn9MdvgQjoFAFo_kGCGmpx9ajkZ50mJVvxDWdl5iVce748CzxewV8iSotOpuvW41VjxwWaKmEgetNDqIUTiRxbJXgJz6KLhKLtT-4bvYC9Ljpm1fuYWdugrXkV29CELWTafm9kNbWBZCq86WoUBhHwdBiTVq154qjd95euDUXXh2YBNDxSiAR5L4NeYir7MRcwgYXayl9B_bvxhcv-Rc5DtNwZQ1S7LHJS8d4zvAHKIwetgC_10KbayTjqIqraUj1DS4HIF3qcZXwwlTFG7zdWpWlOtbMLEQl3_CIz2GbaVa9CT2bJrYZroGz9L7pNwGGSBZwTutGnGmAeXCadTw6lFDFvnYW99600tyLYpAwuRDG8DDPvgUALodjpXfBsJjG3Xw7XaIkWZKSGfM7P3-qEgJlvL780axoONI7L_2tvN7dEEXz4PwyZUJQuuS8JB040_pfcjbtyz09TYGZP0XaCiArFVq-g18qsG-mSrFlM8bpqoMSaIJuh1GVP6O4hspAs_FZqVmO6gP-L_tPto8GS4SKDhH2n4Q_RxKmYFUlmI2Pv4gKXR7LKGVpsws84KlgSVu31AkLdiNnLqbElsTCeWpu8-SWuDdzlS61bYyOPihZKEKVBbVuj7kppyEzlm7dwcPaIQStYpbRhk0&cid=CAASFeRoqnD7DyXHgg15u6ssS8Ij0TKHxA&rfl=1%2Chttp%253A%252F%252Fwww.painaidii.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:13:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B6F4 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:15:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 51DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1

43 B
1014 B

62ms
55ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNXwEtkLg6G4oX2E1Htr8DiRNm2jW8gnRaXEntHluNt9B9qildXs41Nl2tQjwqwTHvXyyBIGNgoEYLQUT34gcrJJmjBn2O2FhnvHxs0MpsstMD3bVfopO8KOL5li9hBdjZqAwjFgUSdwUHplxsGs5uwKKK1ZUzFKBIFlbRXf_9oUxMzAsZg
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:13 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 51DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW.wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2

43 B
894 B

29ms
29ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNXwEtkLg6G4oX2E1Htr8DiRNm2jW8gnRaXEntHluNt9B9qildXs41Nl2tQjwqwTHvXyyBIGNgoEYLQUT34gcrJJmjBn2O2FhnvHxs0MpsstMD3bVfopO8KOL5li9hBdjZqAwjFgUSdwUHplxsGs5uwKKK1ZUzFKBIFlbRXf_9oUxMzAsZg
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:13 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 51DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

43 B
1002 B

65ms
64ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNXwEtkLg6G4oX2E1Htr8DiRNm2jW8gnRaXEntHluNt9B9qildXs41Nl2tQjwqwTHvXyyBIGNgoEYLQUT34gcrJJmjBn2O2FhnvHxs0MpsstMD3bVfopO8KOL5li9hBdjZqAwjFgUSdwUHplxsGs5uwKKK1ZUzFKBIFlbRXf_9oUxMzAsZg

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 63407f27-d3d0-42c1-9554-83ae24b465d2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51DA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:12 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4fd31ce2-ca61-41f7-9dc0-cd20343f2d28
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 59A9 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BARs_5iIfzwPi-N4kN7hcuu4QOWZTbAvTyJD-Uuxo1fLMWoFPTEbfIglXYv39A-D0a40MIZeHg6kelPpRy6LJgSJDWiacIUjkcspp2cGRfT9HXy3uHKFzQr9QJka6G80eY8NBugBBra0vnCe2epfBElQ30qQ&cry=1&dbm_d=AKAmf-ChQNiQtz66SGp2qftWM1th57Lkwxyu-mMclwiZfitIlsXAidLSgkfAYohQr22PZrQbktXxmSgHeNnuqa5sj4aUbjWccrIYxw6mgJPR1X83g7tTW3SUwNX6QQngv4Qma37LNI7s96-DDI_BJBcv60kGIUUR44cs6_cBqFbfXW9Eoqb-71-HbK1ziSFUzHwQYHYpvedWnkQr4pp_SyXzDvUuo1IEBkWpT8svXg60HgNsvyOoBP_CW7jmBOsGq2aFVxPJZsxjTSS6SnT2JnZ-loLWzdNkj3Iv50gucyGfxT84wny5ZK37ASSwD4Yz0aS33Mzi-gTGAWmOQBuUl6P8fz3io_t_dCtvBl3BHcrBRtJzw6posZVA-By8p_W19FuZymbxHxFj6HFxp-leXSrkd3gwJIZQOxvOPIUWKlCG7j4WGmL9Jc-LxKmuF4Boi82s3C80Z3KK7zKQ1w1bdW0moUmXHso7w4tRHbc7oGSRP6wYeGEEPGG8Zcuu9xFD3Yirz504Ij4iTtCsq2yQEoP7OLOM4RqLwFD4W19a71HzRpfbaI3OhwrqzznT4oPMfa88u6vezNns1RYqc_MPxC8RM0EVmC1tF-x8yc4fKa1KQn-N08rRly7TKEO6fy31JChCKO6Cj-c0DouZhdX1GlJ8O7B-HCEpwYXMVwiUBeHdjnOa3r_8mx6r1En9EpoQNOiW2qwWfux8XdyxlqZtR-Sa132DXDQXRKL8Oq2CBjMLApzEKR9dBGUpr7Mt6jJ6KOtlA9jt4mBnnqNO0Op9xdhSO2JmWahxFNyuH9thdxK1CtZqU0XnabfVIFELRJBd9jPhWRBTc5AaHyLJYUh7C5vafU9T52p-b8oWS1tN7Y2OFK1V_2AaSmsjG1YwxMvVZj4fuJe43hjgRBoRyqoJwIAJ53FzTOpyt8dB6B9e_akhM9iY_RfnovALwqaeNFGfY4cFwRRfimJAhEfMBPPSORxqCm73LuvM-uzpk3mC8yL27E6L2L1uEyIu7JpQgq9FjYdffdMMCmn7wOOY6z2YwgS3JDi86-BsjIdmngjdyYDfbQD1HCbQR477k-e4llbA0Vsr0Qe6jaEEocuyU-NemLlzpUlKzjA13tHVheet7Wjh-jBRvd5Lpbex0swEiaE4L_kmfnutfMmosm2D7-41_cppuht686_IipzBxufsxmCWTFXuKQZ7VpQr-t8o9dibhzmFHbfRdS-xRXkvJXyPIgbuRgCz-ozWzqm_ikThQLk1D9_Z_Kd6ib2AfCduH53go90lSFi2fUeITwWrSXP_bDPM2KDdCCSA20GLNw08Etz0F7yAMvPjQsLEyZsU216y7tcH3OCrre3PFa2z6p2j-7Or-Zr46JLkD-bL8lvtiW1SWLAfyhmlXb7-jKVfJ69PPl6Nm83-6VX31g3HybxUqxX-FkPpdGyN1XZZv132FU3mgihk0gBbGYJZlyXrjDZRNjlBcLlBkSN9yTFHW6PAX-DMTMLZI1Jk1rODaQcwnh0N7zYRC4RmqNMQeyiIcdJCAXrOX9IqP0dR_TIS7EpFZiSxiqJpFYIT3okuJTKyG0ZL7nPaIcf4xB75V_A4XHjknr30BKAn0DV_sCX4PuWqK6NrMfxTv4uCYZ0xaKriY_rdBSyolVViMl09eZ0vxYG69sSwrLHuiKyCLHGHw8E3Ersezc2zKG3W6j7E537lRfNRnPC9oHmK0tSV6ZAOJHEwbYzlfKZ-XiCTodG860Qy3msgLxdNJjiyfau_6Z5oDXGIqixsOcNPlD7cyZm5jHrYjIEquzepBfzyiuAKobssC4QBP-X3EfmU56VnqOb7YVD9QGnd7typAv57KsvwXz-TjU5Nh5joTpzdpuWEDtS0pMubTlmvsCYjkujZ8hXZ-DsHPlBKCBPKsj51x8seG6FghnFwR5Svzd8U_AWXoGmBusqNDupmmr2dMwJn5EjhrW-aNpMKWLzChX_OZF-rQxWzJOLjTIxr3oAYnOfs1crXeguikhit6a-rbnyklv81ejJb_wH5HtsdEqALTvmOcr-smZk-KuIF_piui5tkO8ZLI08C2XoHOo3RRwiqyey-R4so_KeID9fjW3iwrGIdKCl8SR7EjkuMcIsZVy1uRxdy7z5R0XyhXwykd-QDGHn3u_1Ile30JYhblLO4kvOg58dfWrCOlGPQIudtHu7I6wan2GOvRqnRr1MHWieX30OWuOo1ZxfSm5WDjcZ-sahsDz-G24G0tMa3fonE1ETslXbRp4Z4La_BBONllK618xTz418p6xOGIFSQuIIg0iGxm4kdtEjYQHlwBreOMow4XWZRoAZvYVYYj-xtdPsEx6Hqo2m5BtH55gAt8WSWqFcIUlaHPj4wAJkaxOb6SmW8oJojMhz5quYoxJ6aY33VQLdzmK9XZKmCyL0Vq8Zb9bVA7fqZ9WnsP9avVsuhlC6KOS_QcDqWZ4Fr9MvU0DlMvl5tfnVRZu9WMGrQn8NnVa6UUe5fo0RqwZrXdgpxoS9qE07qgOBoubC7gds_2vKKNrKMKtJUI2ea5Os2rzMV0LO_s9HOf8a1epNE9B4PN0yf4IgguHj_d5B7rdjQELA2KjFFaFWdlvUnpo7GhgrC6LYdmMSiCgzw1VXv49KWdhU2d4cDVUX2Eqlph4z5Uejt_4y5GwTK-dA3gBX3kf7UBAEjUMmrvpzFJgigofpSrxR_4y4W9Eh3yUqoPjSyEZTyI08UimlA12e8mv6qKc_RFQ5uNPcyyj1AzoWQ1vKx1vOFGHlOeMR10DwZdARRSdAIR7lCnEoFeKnVfkeo1Ba9m1Bjywm8NN6ix9XYZBJtWvJlKUs2TgYoHyk50SnEdmb23FZKKvlyAKN78Wb7fiClYW9Ms4uVf6KgyRqbzHA4e6b206RzsJl6DhvAnNHDu-U9B5iVYMMixZYZhP0P2nruXeDlVhzcxg-Y-1SVaLQJhzQKdphJr8We-NU2mYhf5uIQkPKqTiHlrLTB-2CjUX_l8cr_H9Odvhllgnq7P0RkUNFNGpUlUkh44r1jRDr97LCD5cQ_wvhYDFzc78Igy4XnL2tyxNVLkoU9yECbQoYqJH9Swqcfk6uRldAO6CbGhRgYgxvVfLIr8vPYZTnO0UBaoUjqd27DYOiZNfyUErBpsijwHE8WtBrtzLyTXp5p9y-oq_oWvonQeDp3IJKe0j0jsFGuIZy4fMoochCNN5XvmT9oAELRAeF3Dzh7D6ZLqYgC8hkjSVmclAuIdHIv2bvrdYMfRj7MCHJqzwWbcDMIVpMeDAvJ0aCdw0kbpiDXe9ayTWw8QcYAdOexcLN0WQfOJ2eGd8DDB-mwdJcRUa8RUbEJK-X6_-6CkLh9swMgq1noHAiHgnpo6tfYbRzbWsHTmEjcInrAgtEuyCM958PZ32lJg5BCs8JdTHYXx7TA3tO5nXiXFSll1kxatETJPdAYG4uBv7IUg9CvV8TZ7XrswEyZkjzGhzErfYjSa6FmqAWYa5AtyFX0QzlLgZ3sEdQ&cid=CAASFeRosNIpA9fsOtNqPiWafv9L6vfV9w&rfl=1%2Chttp%253A%252F%252Fwww.painaidii.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:15:21 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 59A9 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F39 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 07:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3DC4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc5e9c3400c0b2ea65eb087adeea806da917a671434182f53c5e704dee14c90f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E070
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1

43 B
1014 B

50ms
29ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNW9rJlJE_6Jtt4yEDp54_CC1lPduf5bo3JsMcnNEbrtsUia-ysH3xoIx24wklRJxw0zj27xn9nUcurmc3oKnzIf_D-9UzxChF0sC4--Ypd1PntWq4_twt9AJUeFeQMQ55MHPAkWwS1tL7SG7ZQ9v3uYNqL4k9c41FGymTxazfQ7jr_VrtY
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:13 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E070
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW.wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2

43 B
894 B

31ms
29ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNW9rJlJE_6Jtt4yEDp54_CC1lPduf5bo3JsMcnNEbrtsUia-ysH3xoIx24wklRJxw0zj27xn9nUcurmc3oKnzIf_D-9UzxChF0sC4--Ypd1PntWq4_twt9AJUeFeQMQ55MHPAkWwS1tL7SG7ZQ9v3uYNqL4k9c41FGymTxazfQ7jr_VrtY
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:13 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAKBFn1mKY7QOGVrz5v7K7s&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E070
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

43 B
1002 B

13ms
13ms

Image
image/gif

185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNW9rJlJE_6Jtt4yEDp54_CC1lPduf5bo3JsMcnNEbrtsUia-ysH3xoIx24wklRJxw0zj27xn9nUcurmc3oKnzIf_D-9UzxChF0sC4--Ypd1PntWq4_twt9AJUeFeQMQ55MHPAkWwS1tL7SG7ZQ9v3uYNqL4k9c41FGymTxazfQ7jr_VrtY

Protocol

HTTP/1.1

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 088fea84-ad0e-4434-ae6b-796cff6a45b7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5dAnfK1LVW1O8I4I0yvso&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E070
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

170 B
188 B

17ms
15ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:13 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e71bff3d-2838-41a8-8883-b05d74008b58
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MTc5MTQ0NjQwMzczMDgxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 1B1D 41 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 08:13:45 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 59A9 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 08:13:45 GMT

GET
DATA 200
OK truncated
/ Frame 6981 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D73E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/ Frame 5571 6 KB
2 KB 22ms
7ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01bde24980de53d55f142d03c492d958e8f7aff2a254327b51360ddb932bf8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2328
date: Mon, 22 Nov 2021 10:10:16 GMT
expires: Tue, 22 Nov 2022 10:10:16 GMT
last-modified: Fri, 19 Nov 2021 12:19:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 421617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B6F4 0
571 B 99ms
50ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukw2ozyFUz6Ci8PqBsT4dIp22bmazHX3qTjHocrtDHP_LRYoZZWWVE9yr15GnXyno5LFAULCslCyDooPDUOp0BGq8Esm6lu4uJxGkyw-DdTzGcUVf8zgOanDoO3ySsRRx06rv3Lxpbn9nlsgBcki1lQ4cdmEwAp_VYDIGhGQTmq5MOBz9AMpmZVhTVZIkaGcXU0fr6IVn_UQDKzRyFTZfp2Nde5Gj1H3iRPfIEf3fMWclIaQoTBaW9sEojPFma4eUkjTybk8l7Pa6w-YmMjtHiaEXOY3tP-jhj29fzH-Z_tnu9pGdUAMHT0KQ_zcGYIiY9P_VtDFLJM8DXVs_cvvo_BaJaJXQF9yPm3qKA_kJg51v-UeawNORy5G1F5R0VROQt74u30qvR3jUgUhiuytCHGLOR3lAQUFVKakYiStlWpjNl4Xg9y_4LauSQrx-I0wcTMnSWc6w04fvqQB23uJo6B3R1AZ2wje3VDzjWGVSvfsjeMDec3PQuUMqnP7xD8-ZN5AbZbUS8kZOMX55kL93xcIJhi-4356bIfG7CA_EEO0qckayOiJnbdTKcdeEjQFfbh-gWYkoA6-j8zWaFx3_0_gn0Qjb8H-2vfYrgt8-hekKeQVT_t692rZaqlgT_97vGH2xbg7tL37nkc0ev5O90PD6vvi_6vr4x5FGfWhmZqwyRdHv51qtsAsVbQo8aYsxWyFx94mBovd_1SZTNWKVmrcUDBiBhHOLYVVo-VMabLvqDYukw8RULEPFBjOCTgeJVnxD-UYCgQNzErkM1nK1gjCr5cFEWWp8dzYVi7w96KPXbjYi2QTpo7aCuYd3-JA8Wz9xM30FQJqMIrl50VnlZgyHANsy78jm97ZHNAsr8jvSmO5cRG743_ZA7PcOTFme_lY2Gp_SDsCD180cSI969rGCtTnxVX8Otd3RcmqTyB5_Dg-kS4lmSLGxZGjg1nhImCtEk12M684BalDnNLLeDEBffNRfcjjqKKJvH-80Y6dpOTa4-IwSc6j_sINiTLlvMZwuIasPAUu55brvHWv64SErM6tMaEfk2EetwB6uGrL8v1Lh6KYnx14w6YRZ1_cxmRiWQ8Ta9C0yQ3IV5_ZBgEf8lcU3UrckPAiF9m2pxhUnkxCIxTwt-4SajJIFo4R9ZERAWgWO9S43LKQyRlJl6owGojseCr6NsWMlKzTVGBlqK1uoSW8u8hwjxFuPnge-0kcBzkXLh&sai=AMfl-YThNyFMlv0gHtnboQu9xF02AevbwJkggvPaDBwJOoyZ2sJMstWKAXO10QraJKMXoxpyNFpz8a_c_00BdFFzEepwvA_6ARtdGwfQ6ppaFISuMYGz29IX6vqLDrvubQICPgFFGUu-2g7tZ5XdXDtZ_hatWFJt6R3lkgUuZx8&sig=Cg0ArKJSzPIgtVnzW98SEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=138&cisv=r20211111.93257&adurl=

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 27 Nov 2021 07:17:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 09C2 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B6F4 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
DATA 200
OK truncated
/ Frame B6F4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edc33dafecef60bb1dc6e61e5c57525c57f4fc5bd8b5a1050a4924a6c1073092

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=3944675606;ord=j622hs;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoH41d9uh... Show response
ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/ Frame 59A9 61 KB
26 KB 92ms
51ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=3944675606;ord=j622hs;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoH41d9uhYdP5KIuR7gPHzJ2gC9iW8dhmvZPh4M0O8C4QASDX84YiYJXatoLEB6ABo__PzwHIAQmpAj1RnsSV_bI-qAMBqgTzAU_QOG16mzCE6FJDMp0LsEZe0wOaUQql_2FCDP5tP-ONVp6UWVpt6xWhK9z8eJqhtHL9UgYjePF-fM1QsrVnrYvstc2EcAKsFNyq1hwVgwIYUAts0a6Szt7-eF_eU3105iMFs7-YWwgpuzOiBEF_dxBtKw4hpSSnQjosaAyFEDxjhhrqNajkVovrEg2AlHbTzdvB2wD_BUI-XsQfxvHBNnOzcwYiBU-9TBy-DSDlRdoaamtBVAtrgxlPkAT3zPMLbRa1JI0cz_H_D4YKuB0WUSt0mAvvsu4Cr6utaXbqaQiXMl-D-4oNPlq3mGfNxWphCAsgTcAE_5bD4t0D4AQDkAYBoAZNgAfFgLCwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT94WjDcgTvLbV3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRosNIpA9fsOtNqPiWafv9L6vfV9w%26sig%3DAOD64_2mlwGyw4SM1o3JtyTgWFvRg-whSg%26client%3Dca-pub-7948434009836314%26dbm_c%3DAKAmf-CG3MOk9PcsfYBw-Fb1DtdkLwZtBz755wdSsEoL_iBoU0FX0J-wI_VijpMETy_0UbkP1Ts0zNqfRdK4ATjhhO-4dS9mqHUmFsbwLx-t85is7JuyL8s4iFVpkH4N1wMu7Vt_TnKo9_T_RIEC9CnMh3c90ia5-A%26cry%3D1%26dbm_d%3DAKAmf-AV3vCh8JwN48MCcAkF0N-YvNN4-SK67KlQ8N2Wppet_1AmvRoyuDyLaJb5K-ybqpjBgxxIHmV9cSFC5T5FOjDVO7n72K552SukuwTRCeLL6zUa84rI-XdjVlFs_ekTiGNwJndqbrAS1tbvGUu-lSFJiX5S0ihQsA2jAaarJEyrbViRTeRqP060JflSOqDHCR1M5hwgHKqL8Uh2OL0cU345ZuyagDfypljX8K-JbfW7HnUYHcxHKxAICjRtZH-qz-MoRXnjfhrP8pFyuEtyC2AsFkd6fl0z812n-Smyq4_L7KwCVd8W4nUoNBcJEryccZMaFkyEwZCcjAd8gV5VET3EeMMY8_TvJ76uwX5zMVg4M4F-ID-OfrzvqgZO2TRos7lBewLWiCxlZqVWadgVnhuZCb77zQD0rIxdtidY_ZLg8rSCVsH8haq3xFt6fu4A5bX0--_bBt7yEK2w2R7xFQLVuHz77Q%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.painaidii.com%2F$0;xdt=1;crlt=o-IRl1iYjW;sttr=86;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

81a043bef2d9c630fe8e188ce47d339e70d90e7019dc5ae88356dca07debb2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=943508953;ord=kbs72p;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQXgjd9uhY... Show response
ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/ Frame 1B1D 61 KB
25 KB 97ms
58ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=943508953;ord=kbs72p;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQXgjd9uhYdT5KIuR7gPHzJ2gC9iW8dhmvZPh4M0O8C4QASDX84YiYJXatoLEB6ABo__PzwHIAQmpAj1RnsSV_bI-qAMBqgTzAU_QWaRC8gj29Hn67-5xfD-JrwjDfRX0uokNyID9uzZhQbVgAxcIGNpVqlB349f6uWLX-viEWsbf2kYO2eZc_iautq---muIfsH0l3M2SVzpbE_HfdjO4ZaGlSnW35DSRng1d4TPdS_ZNQ_KPN4TNbtURGUTWVJ_1fZ55M_M5bgKvUhh_XIhJY9MZg4GYPFzDSqwY1J22yr3FQ3xELFUGZliBf7HaaFotf0fZE3YF_LreS7IvhCL-m6gce0S78aif1FuiosWKyD1u0ggLqc38bb5SfcqiHk5c6hWpOgOnYOqZ4lkO1i-5GhQjGM0Zn3HazV5q8AE_5bD4t0D4AQDkAYBoAZNgAfFgLCwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT94WjDcgTvLbV3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRopp22j92RVw0CNv-9dOfx_8exTQ%26sig%3DAOD64_0p51jQa48WqTJzELIpb1N0mpOrjQ%26client%3Dca-pub-7948434009836314%26dbm_c%3DAKAmf-Dxd1S_Xpxmff56GSXM52gMcW2YQNtydx2JXAUw0atWCBXiEfAzkP40cMQS_hmr2ysEHDKeAUFJAg-YqVSoWHWwsHwqzLRqtj1Q0WIJFZL6ci4y4DYo3EOxm7jaxXJcKkYivrwhcqk52fn5I_QLgrNI2w4j4A%26cry%3D1%26dbm_d%3DAKAmf-AVL2687MPMhQrUPgdZq5SenpABeJBoEZkoOBR9MuPGu27pfNMfulJR87T3rOo9UEj11EN7z4jQxuq5fPvl8pNsUHCyjRXrTTeZX7Ja9vpHBU7-L_VwvljLumqA5nwI6NrmlA4Kb63hyhdYxj6wVVksUtOzqi_MxNKeyiBMo5wz_KdBbL-3cWFdSgeUdpffsQatfuF8dWgJVjcLiGP0Tm3uV6xnNG9ZjXtQJuQCGpSPvVIZ_eqF8kpopGuizCp5qpALP6fCshHquhfG-M24gAOik6qBX8Veir1R3GLNiRimuClgEKB-B5kN6aUE9u93cCWsBaEZ0FMPMQywi22QJw3B_1ouKEGg5h7YFro0YLkFV3UcH9JDQvszWv2Fpda3FhIkoYeuuxpNA15ftavZBj8XYAQinmwJn49AWH2EAuVPLQIwEFLzwWHKS0EjWZAORn4mF5T4lYxZqRTzmOL3AGxN3-A02Q%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.painaidii.com%2F$0;xdt=1;crlt=o-IRl1iYjW;sttr=94;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

d94495353021d00834f432f96ba7d381da54648e8ce7bfb1b7a088579dc7c83e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25922
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F39
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

85ms
85ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 07:17:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 07:17:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Nov 2021 07:17:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 5571 236 KB
63 KB 70ms
19ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 27 Nov 2021 07:32:13 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/ Frame 5571 35 KB
8 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2cbff2d6823039a7888f94c59be9840d97e79a516ae3d318228c612084631c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 10:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 12:19:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 10:10:16 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 464F 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame D73E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 09C2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 59A9 169 KB
59 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Origin: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 59A9 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=3944675606;ord=j622hs;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoH41d9uhYdP5KIuR7gPHzJ2gC9iW8dhmvZPh4M0O8C4QASDX84YiYJXatoLEB6ABo__PzwHIAQmpAj1RnsSV_bI-qAMBqgTzAU_QOG16mzCE6FJDMp0LsEZe0wOaUQql_2FCDP5tP-ONVp6UWVpt6xWhK9z8eJqhtHL9UgYjePF-fM1QsrVnrYvstc2EcAKsFNyq1hwVgwIYUAts0a6Szt7-eF_eU3105iMFs7-YWwgpuzOiBEF_dxBtKw4hpSSnQjosaAyFEDxjhhrqNajkVovrEg2AlHbTzdvB2wD_BUI-XsQfxvHBNnOzcwYiBU-9TBy-DSDlRdoaamtBVAtrgxlPkAT3zPMLbRa1JI0cz_H_D4YKuB0WUSt0mAvvsu4Cr6utaXbqaQiXMl-D-4oNPlq3mGfNxWphCAsgTcAE_5bD4t0D4AQDkAYBoAZNgAfFgLCwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT94WjDcgTvLbV3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRosNIpA9fsOtNqPiWafv9L6vfV9w%26sig%3DAOD64_2mlwGyw4SM1o3JtyTgWFvRg-whSg%26client%3Dca-pub-7948434009836314%26dbm_c%3DAKAmf-CG3MOk9PcsfYBw-Fb1DtdkLwZtBz755wdSsEoL_iBoU0FX0J-wI_VijpMETy_0UbkP1Ts0zNqfRdK4ATjhhO-4dS9mqHUmFsbwLx-t85is7JuyL8s4iFVpkH4N1wMu7Vt_TnKo9_T_RIEC9CnMh3c90ia5-A%26cry%3D1%26dbm_d%3DAKAmf-AV3vCh8JwN48MCcAkF0N-YvNN4-SK67KlQ8N2Wppet_1AmvRoyuDyLaJb5K-ybqpjBgxxIHmV9cSFC5T5FOjDVO7n72K552SukuwTRCeLL6zUa84rI-XdjVlFs_ekTiGNwJndqbrAS1tbvGUu-lSFJiX5S0ihQsA2jAaarJEyrbViRTeRqP060JflSOqDHCR1M5hwgHKqL8Uh2OL0cU345ZuyagDfypljX8K-JbfW7HnUYHcxHKxAICjRtZH-qz-MoRXnjfhrP8pFyuEtyC2AsFkd6fl0z812n-Smyq4_L7KwCVd8W4nUoNBcJEryccZMaFkyEwZCcjAd8gV5VET3EeMMY8_TvJ76uwX5zMVg4M4F-ID-OfrzvqgZO2TRos7lBewLWiCxlZqVWadgVnhuZCb77zQD0rIxdtidY_ZLg8rSCVsH8haq3xFt6fu4A5bX0--_bBt7yEK2w2R7xFQLVuHz77Q%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.painaidii.com%2F$0;xdt=1;crlt=o-IRl1iYjW;sttr=86;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:13:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0ABF 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1B1D 169 KB
59 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Origin: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 1B1D 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=943508953;ord=kbs72p;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQXgjd9uhYdT5KIuR7gPHzJ2gC9iW8dhmvZPh4M0O8C4QASDX84YiYJXatoLEB6ABo__PzwHIAQmpAj1RnsSV_bI-qAMBqgTzAU_QWaRC8gj29Hn67-5xfD-JrwjDfRX0uokNyID9uzZhQbVgAxcIGNpVqlB349f6uWLX-viEWsbf2kYO2eZc_iautq---muIfsH0l3M2SVzpbE_HfdjO4ZaGlSnW35DSRng1d4TPdS_ZNQ_KPN4TNbtURGUTWVJ_1fZ55M_M5bgKvUhh_XIhJY9MZg4GYPFzDSqwY1J22yr3FQ3xELFUGZliBf7HaaFotf0fZE3YF_LreS7IvhCL-m6gce0S78aif1FuiosWKyD1u0ggLqc38bb5SfcqiHk5c6hWpOgOnYOqZ4lkO1i-5GhQjGM0Zn3HazV5q8AE_5bD4t0D4AQDkAYBoAZNgAfFgLCwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT94WjDcgTvLbV3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRopp22j92RVw0CNv-9dOfx_8exTQ%26sig%3DAOD64_0p51jQa48WqTJzELIpb1N0mpOrjQ%26client%3Dca-pub-7948434009836314%26dbm_c%3DAKAmf-Dxd1S_Xpxmff56GSXM52gMcW2YQNtydx2JXAUw0atWCBXiEfAzkP40cMQS_hmr2ysEHDKeAUFJAg-YqVSoWHWwsHwqzLRqtj1Q0WIJFZL6ci4y4DYo3EOxm7jaxXJcKkYivrwhcqk52fn5I_QLgrNI2w4j4A%26cry%3D1%26dbm_d%3DAKAmf-AVL2687MPMhQrUPgdZq5SenpABeJBoEZkoOBR9MuPGu27pfNMfulJR87T3rOo9UEj11EN7z4jQxuq5fPvl8pNsUHCyjRXrTTeZX7Ja9vpHBU7-L_VwvljLumqA5nwI6NrmlA4Kb63hyhdYxj6wVVksUtOzqi_MxNKeyiBMo5wz_KdBbL-3cWFdSgeUdpffsQatfuF8dWgJVjcLiGP0Tm3uV6xnNG9ZjXtQJuQCGpSPvVIZ_eqF8kpopGuizCp5qpALP6fCshHquhfG-M24gAOik6qBX8Veir1R3GLNiRimuClgEKB-B5kN6aUE9u93cCWsBaEZ0FMPMQywi22QJw3B_1ouKEGg5h7YFro0YLkFV3UcH9JDQvszWv2Fpda3FhIkoYeuuxpNA15ftavZBj8XYAQinmwJn49AWH2EAuVPLQIwEFLzwWHKS0EjWZAORn4mF5T4lYxZqRTzmOL3AGxN3-A02Q%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.painaidii.com%2F$0;xdt=1;crlt=o-IRl1iYjW;sttr=94;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 07:13:00 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 464F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H3 200 300x250_atlas_1.png
s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/images/ Frame 5571 68 KB
68 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/images/300x250_atlas_1.png

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d421a9ad31cd94cc0aadf5705ecd39e7801d0a3a96d60b6d021a04378bd51a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6998391407183080388/BlackFriday_20OFF_BookNow_HTML5_300x250/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 10:02:48 GMT
x-content-type-options: nosniff
age: 422065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69353
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 12:19:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 10:02:48 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B6F4 0
23 B 59ms
45ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 76CD 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8975 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BqrNkeNuhYZaeHJb9bJGmumgAAAAAOAHgBAI&bg=!b2ylbCjNAAZQLpa_UC47ACkAdvg8WkNOAQcr-RK16aN4pIpueueyKIJ8Avdekqium5SY_xhkq1KJZwIAAAD5UgAAAH5oAQeZArHq7dVanfspUGsA8YW3gXE-cm-lvUXC-fFJtQXa285SZW6HF4dCZYZxW7qkD-3PbyvNzR7PiMQsMds-s5BX4RkZW0MrcQH2LK7OpywTvV_adzGS3Rq1eLxftVwXFUJaMmprPgCeTD3wn7vJacPZEaUx4iOsWvaZIJuRFLDNalrSL2l-Su5NhaNDH_0rkG26_cSuXrzjJKCSHzMyWJmzd0tIjapA-JHlfaRFZwoMcOzdXGMZww3nv9alF9QmJ0Sz5QalQwsC2sbGB_LNaPVfXDY6lco-0bQJKU1qvMGhLoy6dUSWOZjzj_EgYxNju4KFr4p-wLx4E0FP9yub7BDH3-HQs3D6DdVxQ8qSMpuyBU6lUVMwidKqWBzOdA74wesWpILfTCljUoTFU0NQIBKTLqqoAckD9BTBTqs4QZFJCo_eLEimXKCITaSgxsfJGM-j2QN4OcpXB3VWZBjxReff19tLB4ydRAJPfkcOwniJQFVC4JFWfXrQ7-CBUJndU5slSjGgTAJOoUGnebOyjMqBZpiZDD6bHLYjbQFUqUV_ukXvvtUAYF5-Z0t_8PKyE_PXgGIs23xag5OSQmUaK59Nd3LrpfoI262OmGCmW3PtCLFu9x6VD3k1eb-1U68HERUbOqCgOuCsEk8bsQ7bLrO86aQSerH4mHYMfXD9ESUB8HWhTBEBU6PS2BsACBi2PxzAfsSXTZJK4MsNOV06KlRY5rhspN3uuXVbAjfk854S8_JTO911Ca2t70fHUf1IaN3MmqWrCgR0b_d18MrNdnaHaLcgN8gdC2h2o_fm9ODdiKo1u8IkgMPGuADct9XFNEKLt-9W-WjawmJE-3TYT9P4gP7BZcJ3DrxCRRRTCfZnGKX2ef8unUSEcDli6brgxPDPYHD4IuEdlUIWkcJkmO72LFfIYw

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12595753840344563712/ Frame 2218 10 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e7e796b2d6bfc1b3d455c1c3a6219b15d3570aeeb1e30f49b376be8e5efcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3081
date: Sat, 27 Nov 2021 07:17:13 GMT
expires: Sun, 27 Nov 2022 07:17:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59A9 0
23 B 43ms
42ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTA9ct80d0mskzu9-fATroqfNuLIRAFwgsN8S68NGKSx1zWYPNVMJ7n3rnwcJgfiPPdr_EiHPzetmmLosT1rvJhkg0oo8lpA-TRevFT1y4Hmdfl-sjHCD0QUW3rsxjFyxgLKFNV9rt65qekuopR1HWev0IZQ&sig=Cg0ArKJSzOZUj467ODoyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=157&cisv=r20211111.33637&adurl=

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame 1B1D 187 KB
60 KB 96ms
8ms Script
application/javascript 2600:9000:214f:ee00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/774473/57793669/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 380155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: -ECY1pmUseWnXYspZ9Y1Xcr8-AUllZD4Ek2z27cESoZ5Y39JibYNcQ==

GET
DATA 200
OK truncated
/ Frame 1B1D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22990263d56b05b361b0842f6cccbb34e692888470a1a6d30fe8e3cc251bd2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame 59A9 187 KB
60 KB 86ms
19ms Script
application/javascript 2600:9000:214f:ee00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/774473/57793669/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 380155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: b7YAWpjT54Ls96S9GHfr5Pd-Kscz7jVYnVNjV-ykYsFBgnSGPS8AtQ==

GET
DATA 200
OK truncated
/ Frame 59A9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64ae6a79688422364676494595afdddba3ac2f1e21f49ca2c65e47fbc44c6696

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 55ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:17:13 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12595753840344563712/ Frame 34E9 10 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e7e796b2d6bfc1b3d455c1c3a6219b15d3570aeeb1e30f49b376be8e5efcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3081
date: Sat, 27 Nov 2021 07:17:13 GMT
expires: Sun, 27 Nov 2022 07:17:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B1D 0
23 B 43ms
43ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7EMXwHsnxUJqS0JtBj_TaVuQeIpc6sECefY3nwLGsYj7iuJIn8kdapdz1BDo8RWX2kX5b7rpb48s91KpR_lM_hT0TnpA2gyzqPTO28Ey9B4Z0eGB8KENT3DbNtmLKnjC3BN9zX_ifSTvDIQcHx7GxeHLKBg&sig=Cg0ArKJSzDLrARc5ga-6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=308&cbvp=1&cstd=305&cisv=r20211111.35226&adurl=

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 204 csi
csi.gstatic.com/ Frame 259D 0
17 B 46ms
31ms Ping
image/gif 2a00:1450:4013:c07::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~kwhhdnp0&c=1259138053514&slotId=629569026757&qqid=CLX5vvj_t_QCFZr2dwodKXoPMg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=677&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vmfc=16&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c07::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12595753840344563712/ Frame 2218 7 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

992d4d6b7fc5fa7f331c55ea8081376e031d2785411a6584010f48e94c5f4ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1662
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 14:54:44 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2218 118 KB
40 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 15:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 15:50:37 GMT

GET
H3 200 CustomEase.min.js Show response
s0.2mdn.net/creatives/assets/4314432/ Frame 2218 7 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4314432/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e828e6ad4d3fd31aff91f5e557efbbd3eb175eecd76de5fd226ceb94406151e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3639
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 07:50:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2218 60 KB
24 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H3 200 EON_BrixSansWeb-Black.woff
s0.2mdn.net/creatives/assets/4313292/ Frame 2218 55 KB
55 KB 9ms
8ms Font
font/woff 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Black.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f507503841f44ee6ba0104d59b7ce4a80162d2cb809314d6c15fcdf089b0e4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:15 GMT
x-content-type-options: nosniff
age: 118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55954
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:18:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:15 GMT

GET
H3 200 EON_BrixSansWeb-Black.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame 2218 43 KB
43 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Black.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4d5008015a20efea096181df1f1964538b745ea638a4197514d05b6c2341a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43744
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:18:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Bold.woff
s0.2mdn.net/creatives/assets/4313292/ Frame 2218 58 KB
58 KB 14ms
14ms Font
font/woff 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941a3724badcabfe2080512c8f398df7626d38270e8f76c253666356955f3dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58905
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:19:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame 2218 45 KB
45 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9a0f95ede822b1959d214ca0189f6b6390c3196696d4e54ea9141bc200cea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45704
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Regular.woff
s0.2mdn.net/creatives/assets/4313292/ Frame 2218 58 KB
58 KB 15ms
15ms Font
font/woff 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c324008782d78640ecf39d78c8e7c12f7bc1fca88fdf78eb778a51916ab4219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58883
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame 2218 45 KB
45 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d0c47ebaa25efb04b800f2c5a886a2b14e7d812858b49a2f9e9a24cbdf42f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45764
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12595753840344563712/ Frame 2218 8 KB
2 KB 13ms
13ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66c77d8ff2941db7db72681bd8d20a098471a512bfaf2df207bac6b764fb1e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1976
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 14:54:44 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 1B1D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/774473/57793669/skeleton.js?adsafe_url=http%3A%2F%2Fwww.painaidii.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7aa877f3819c26268a2754876385e115.safeframe.g...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

7ms
7ms

Script
application/javascript

2600:9000:214f:ee00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
age: 12350477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ghvulFsV_D565I1AOiLNoxGinkIAGbsE_vQKnp2OxlcHqVwxlFjosA==

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame B024 80 KB
21 KB 8ms
7ms Script
application/javascript 2600:9000:214f:ee00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 249355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: HZ2PHG0YLI16rfEMhNJybgRSXdweotJ76sv3fvJ5W9vhUOCAhxjpnQ==

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 59A9
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/774473/57793669/skeleton.js?adsafe_url=http%3A%2F%2Fwww.painaidii.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7aa877f3819c26268a2754876385e115.safeframe.g...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

7ms
7ms

Script
application/javascript

2600:9000:214f:ee00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
age: 12350477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dGsUgdcOcvI93cF6U8ycVyPbG_vFBMaboq4w7L_ae1DNg_C0pJzk8A==

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6AD9 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:214f:ee00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 249355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: J5THLmkuadv4gH8dQfKu11shMJW6Du1B4Z29xAVDIXD2B_-Ab1wolA==

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ABF 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12595753840344563712/ Frame 34E9 7 KB
2 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

992d4d6b7fc5fa7f331c55ea8081376e031d2785411a6584010f48e94c5f4ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1662
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 14:54:44 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 34E9 118 KB
40 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 15:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 15:50:37 GMT

GET
H3 200 CustomEase.min.js Show response
s0.2mdn.net/creatives/assets/4314432/ Frame 34E9 7 KB
4 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4314432/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e828e6ad4d3fd31aff91f5e557efbbd3eb175eecd76de5fd226ceb94406151e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3639
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 07:50:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 34E9 60 KB
24 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H3 200 EON_BrixSansWeb-Black.woff
s0.2mdn.net/creatives/assets/4313292/ Frame 34E9 55 KB
55 KB 11ms
6ms Font
font/woff 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Black.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f507503841f44ee6ba0104d59b7ce4a80162d2cb809314d6c15fcdf089b0e4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:15 GMT
x-content-type-options: nosniff
age: 118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55954
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:18:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:15 GMT

GET
H3 200 EON_BrixSansWeb-Black.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame 34E9 43 KB
43 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Black.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4d5008015a20efea096181df1f1964538b745ea638a4197514d05b6c2341a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43744
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:18:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Bold.woff
s0.2mdn.net/creatives/assets/4313292/ Frame 34E9 58 KB
58 KB 12ms
8ms Font
font/woff 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941a3724badcabfe2080512c8f398df7626d38270e8f76c253666356955f3dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58905
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:19:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame 34E9 45 KB
45 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9a0f95ede822b1959d214ca0189f6b6390c3196696d4e54ea9141bc200cea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45704
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Regular.woff
s0.2mdn.net/creatives/assets/4313292/ Frame 34E9 58 KB
58 KB 12ms
9ms Font
font/woff 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c324008782d78640ecf39d78c8e7c12f7bc1fca88fdf78eb778a51916ab4219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58883
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 EON_BrixSansWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame 34E9 45 KB
45 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d0c47ebaa25efb04b800f2c5a886a2b14e7d812858b49a2f9e9a24cbdf42f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45764
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12595753840344563712/ Frame 34E9 8 KB
2 KB 13ms
10ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66c77d8ff2941db7db72681bd8d20a098471a512bfaf2df207bac6b764fb1e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1976
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 14:54:44 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 291 KB
82 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=a73e5bb6df2af08f31f5e50aab761f58

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ad3d74f9faf23a789eea0e1050644404756a3254a09ac065f7d279f2f893dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.painaidii.com/
Origin: http://www.painaidii.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ir5qT3rFzR6Su/zkt0fXyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84350
x-fb-rlafr: 0
x-fb-debug: Cu8WDRNXH8BFINZO4eMlNN+0T3vI3H2gsWVCoTdok3cdxjwbG+555Q8qxVn2aG4poJXdEYFMnQX3DPCMfx2PAw==
x-fb-content-md5: 81b63ea96ac80264c6423ace76f60b44
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a85728e23d837f010a5230c3b8ace357"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 27 Nov 2022 06:59:24 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1B1D 43 B
301 B 272ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=a7361e66-2e5d-df98-7973-9cce87ad3ce9&tv=%7Bc:v9lwhp,pingTime:-3,time:401,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:400%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:401,n:400,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:325,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~1,0~0%5D,as:%5B87~300.250%5D%7D%7D,%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a1%7C1a21%7C1a3%7C1a4%7C1b*.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1B1D 43 B
301 B 291ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=a7361e66-2e5d-df98-7973-9cce87ad3ce9&tv=%7Bc:v9lwhq,pingTime:-6,time:402,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:402,n:400,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:325,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~1,0~0%5D,as:%5B87~300.250%5D%7D%7D,%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a1%7C1a21%7C1a3%7C1a4%7C1b*.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.painaidii.com&br=c
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 290ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwhv,pingTime:-3,time:384,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:384,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 286ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwhw,pingTime:-6,time:385,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:385,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.painaidii.com&br=c
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 76CD 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:41:34 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1B1D 43 B
301 B 261ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=a7361e66-2e5d-df98-7973-9cce87ad3ce9&tv=%7Bc:v9lwik,pingTime:-2,time:458,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:81,bdZ:576,beA:668,beZ:670,mfA:977,cmA:980,inA:980,inZ:983,prA:983,prZ:988,si:994,poA:995,poZ:1009,cmZ:1009,mfZ:1009,loA:1070,loZ:1072,ltA:1126,ltZ:1126%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:400%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:458,n:400,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:325,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~1,0~0%5D,as:%5B87~300.250%5D%7D%7D,%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b*.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:131,readyFired:true%7D&br=c
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 281ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwiq,pingTime:-2,time:441,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:104,bdZ:581,beA:694,beZ:695,mfA:1013,cmA:1013,inA:1013,inZ:1014,prA:1014,prZ:1017,si:1020,poA:1021,poZ:1027,cmZ:1027,mfZ:1027,loA:1079,loZ:1080,ltA:1135,ltZ:1135%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:442,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:114,readyFired:true%7D&br=c
Requested by: Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt43.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CE6 42 B
64 B 53ms
39ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrQFZ2JePmrj4K31raXOijXf8WNlH9zDSen2SHK5rv2p2ozCuCNp83qkyU5J_vrNgPMK6SCgtxKpxzFQ0RJNPg2xqYh6Zx9K8ZfjNr2EA3CRlV6-cE&sig=Cg0ArKJSzK9wJTWo17JdEAE&id=lidar2&mcvt=1050&p=160,320,460,1280&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3237864345&rs=4&la=1&cr=0&vs=4&r=v&rst=1637997432699&rpt=95&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2218 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3541a291c616524557d75d04f5bf296fca63f3ee5ca5df78e045e48eaba9dcc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2218 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887a71da48b4df1b36827f3437af336dc249878d36e97634328534860a0c0ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icon-i.png
s0.2mdn.net/creatives/assets/4313155/ Frame 2218 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4313155/icon-i.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d31a55ac6a80651bdcc96fcf6ad9feadb814068fd6e9a7ea601d9535ab181f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

GET
DATA 200
OK truncated
/ Frame 34E9 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3541a291c616524557d75d04f5bf296fca63f3ee5ca5df78e045e48eaba9dcc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 34E9 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887a71da48b4df1b36827f3437af336dc249878d36e97634328534860a0c0ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icon-i.png
s0.2mdn.net/creatives/assets/4313155/ Frame 34E9 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4313155/icon-i.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d31a55ac6a80651bdcc96fcf6ad9feadb814068fd6e9a7ea601d9535ab181f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:15:18 GMT
x-content-type-options: nosniff
age: 116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 07:30:18 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59A9 0
23 B 42ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2218 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6bbb53518da7884c30ed98c49a45c242570ad992a968834f949510b79a6383e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5197
x-xss-protection: 0

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 118ms
118ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=114215282007768&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.painaidii.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=a73e5bb6df2af08f31f5e50aab761f58

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: p+hQKmTWsDsKyI50kOca6DjEYsrEXmn8xSWQbHZ+NglzWIUp5OYv/KD2XcA5XsUkEEktn3uGH0izfaz5Dl+B/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Sat, 27 Nov 2021 07:17:14 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.painaidii.com
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B1D 0
23 B 42ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1035309969&utmhn=www.painaidii.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E0...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1035309969&utmhn=www.painaidii.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969&slf_rd=1&random=1224701688

42 B
501 B

42ms
20ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969&slf_rd=1&random=1224701688

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24945841-1&cid=438431747.1637997432&jid=143470102&_v=5.7.2&z=1035309969&slf_rd=1&random=1224701688
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2218 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 07:17:14 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 54ms
23ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:17:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 34E9 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1510a812f3ae32b2e9202739eb2d3680c594d44a777fd3ad752af11586855a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5222
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6F4 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTkUpmAPxz99M67RwNifu12FGhzsmNFy3W98yyiy7_yuLH6fC0gElW1dqgkiNYDz9DqargjdaTuz4xczGziRyjNZHWIXHwSgBXCmPdSlfSeWbKw8sxhw&sai=AMfl-YRvfekJptTC6eKCzkGxXfueDFu6DHsD4FO2j4YHHa54comQMF60wo7M9gxxDY7nTRoYCidoHfFtbAaZGJrl6TU6AGymoX-0-Zm8aiKaIlGPDAW1o4UkVkcqM0Os0_Kg&sig=Cg0ArKJSzFhZ387sOpTgEAE&cid=CAASFeRoqnD7DyXHgg15u6ssS8Ij0TKHxA&id=lidar2&mcvt=1040&p=531,960,781,1260&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4121210095&rs=4&la=0&cr=0&vs=4&r=v&rst=1637997432709&rpt=374&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D73E 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpBdqeNuhYdiTMuSQlQeg-qqgBgAAAAA4AeAEAg&bg=!MDOlM3fNAAZQLpa_UC47ACkAdvg8WkYjm5s2P_nipk3i1biZN3XEKQXbI99vvz0PTOWqInxHITXU5AIAAAKYUgAAAIloAQeZAuudqZqo3ySGqDc-WQA-dnl136xAzWMVfCgP8qbeFu4pFQJDXphguh_hSg0ah_Od6iW3UKw6Pr7ozWaZ3afxDSEWEFFBqz75bC3l6egIve0323m2_-UkU8hGAOTOgJvtACSBdOJKGUrhLNvcCucaS920VgFOo2dHeQuI5PqyY5RdsHOvvmKGxh37jNgpmIpQT7g70M1Tyd6F9AqLwy_-JkRpOgf8aDUEva1VUNmnXGh1is-JuwmXbUbrBiOWmFhUZV4zPXc-NoL5gp2bvn99LT1jx2S4Q59JqS8RJdAkSloqxADh5_oPRIxAIVgCMUINZqWKrJyVvarDCRv3wGHNBOGoyOUOysN7uWz8NusDMarEUKL5QYpbsJ5j7zeRt0h1sFWKCGqzXcTnjs08Bjo010QYhCw2uQidr7PAW-myG_aypgVMAX30etMhRyWIrrBuulj5J7LIbZdY0fzuYFsak8RMQRE9BeADewg5bkY79HULRufKCd48Ok5qRKwxzrPrpsYDAUwjtp8PlnkrsYXHwb6UmCTAZfEm_N-cXZ0c59G9i3IIu7ScmguFOkJoCpPGBRKg5961fkT-Z5efRq8MxPwCPiSdGlMr2M9z5Lp0btP1L9ZElWe0XhUEcn68nuN20Xk4LrNgTVIy2XEb5oNSmw6kK0GX6WZbcqkz64z6oB3DX7ImJ6BC07BszoAm7MWEHfFKebBWsFcNfp2rFkQrhmQXiYLWgNKmqFIGTA_Jpo6kj8iXwyQ8IxYXbYTWcDaLNsYa8SxQQaGyFMM4T8lQMWvRoISIz4tXBsyTlBpOaGoZ18MaB23EOCEbG6kbn3vMa1EKGIf2J-idC4t6uak4MyH1cmqvV9IRfeO59K7kEySKiAgvgRKGbEbkcZ8OtDlbjhvz9R_oa_FQhgo2rjiQ1jxrF9u5Z5VK68ozz1e2W3yJDBnzu5UQLMP4meJQvj5tIgpBw_LRi_bNSC_fDn1yqpuzGP1Qx2oj64qX5Qs

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09C2 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxagFeNuhYcehM4DO7_UPpbS6uAEAAAAAOAHgBAI&bg=!8vGl8bXNAAZQLpa_UC47ACkAdvg8WrWVsz74IzJhBTgHXVfiJ-mEWIDqzYkXgJVJFPFfdK8ow1YdSAIAAAKkUgAAAHtoAQeZAsI2ve3easc75UXIRKfuW2NYKAsG-DiiCppjxmy8yx07zdXdc1bdeEq9PpPjD9085vf1iLwmWOBrTl_cRWN5WOXQO1fxZUJB9MLGLn7wjz3fF9gLfta37bk1ljuENO0XfYeJUMCvb58a7TUETZYpYQqOICjoYTsZpZLz-I4jenB3TZoixnE8dQ6EC4DhZf0rh5L6tQWz_MDHn5Bh0QNX2om5bQWlzoxNqoGx0wIs2S8tgQGFBSz0wAB97WQxlGmm9fHt4lZhJ0WQZCGuPr_S5T2Q9rSq1nH9I4lsdzszyTiAgt1YuGljwa4CMQpA7GVsRAOw3rSV7GSwrsaGTVMa3y2fyQg42SNLt0dzEfgPoBo4VJDeRNVMex3gflFP-e63ObHiNalFjhWLL6uLDvJPWfT8x_tnTJeUg6r94pdByo4ehp61nsPjhZoPuYrBDCeouiwqC5LqAIMCWInQnPxO-1FtLRR9Ot2j3CTOCda5knd6qsZ8LVkc13QaScHa7GzOc4ZsYsXkc7rlOXJP3kh90vKSC4BecCIvZ6kbrylZz_qc8Rp0Pc-11EYEq684mTp8WLmOoEHcpOd5OEn6FGN1lw9wMbGpGezfDJ2l_iFXAA8nNaAGAsZRb0C0XmqugOXAmJ_GWxU5gqZQ3bFEmG969J74BS8AVj8SdFsOoQ44_nSPzDmJFp_Q_2exjGGFvRLV4fuOHq786r9FsnE2ZPqaOlGg0ThjqWBMnEoao2yLADG8COs3Ipjw41DXtN3u680zcJHN3-8BhqBkA5n7cptW-_VJ84enW4MJS0RmM7Zy8FamyD_RXI2Xkj_eFlSDhQn-4cz0WWFhynDPvNg_9_q9qLsViBW-ChH0QeN5Fx1ohQLgoltdXny55u33Nftlz3btHeAyDHIhhFzXHIuXvgPeCe8ABD-ZGZM4r5Yynv5zG27Wy2VX

Requested by

Host: 7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
URL: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 34E9 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 07:17:14 GMT

GET
H3 200 sparen3-gut-300x250-push1.jpg_1637231250575_sparen3-gut-300x250-push1.jpg
s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/ Frame 34E9 24 KB
24 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/sparen3-gut-300x250-push1.jpg_1637231250575_sparen3-gut-300x250-push1.jpg

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb299018945d4762f93f77abaaf56379fe5a7a72bead6e62fd45f8ad26860ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:44:37 GMT
x-content-type-options: nosniff
age: 52357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24901
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 10:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 16:44:37 GMT

GET
H3 200 sparen-300x250-push2.jpg_1637231250575_sparen-300x250-push2.jpg
s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/ Frame 34E9 9 KB
9 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/sparen-300x250-push2.jpg_1637231250575_sparen-300x250-push2.jpg

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c50271fbe7088cce553c0dd7c52606c6b4f706188d979320adf6a685ff1d691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=I9mY2AXWLj&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:55:10 GMT
x-content-type-options: nosniff
age: 58924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9302
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 10:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:55:10 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1B1D 43 B
301 B 94ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=a7361e66-2e5d-df98-7973-9cce87ad3ce9&tv=%7Bc:v9lwo8,pingTime:-10,time:818,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1637997434207%7C%7C1d6718e0d9ce7b73608e762967cc7b3d%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7Cd5f6542fd59690f6ec03955a2f37ea4e%7C%7C670d93ba5517e23c5d71b268fc74073b%7C%7Cb83e535e04d84e1cd858d65ca89b5d46%7C%7C9355750c616a09eb1154ce87b361e3de%7C%7Cf65aa9211e1ba36926a648fb1227325f%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1195,ecd:8,tsecr:188%7D%7D%7D
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt43.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BE5 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H3 200 sparen3-gut-300x250-push1.jpg_1637231250575_sparen3-gut-300x250-push1.jpg
s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/ Frame 2218 24 KB
24 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/sparen3-gut-300x250-push1.jpg_1637231250575_sparen3-gut-300x250-push1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb299018945d4762f93f77abaaf56379fe5a7a72bead6e62fd45f8ad26860ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:44:37 GMT
x-content-type-options: nosniff
age: 52357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24901
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 10:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 16:44:37 GMT

GET
H3 200 sparen-300x250-push2.jpg_1637231250575_sparen-300x250-push2.jpg
s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/ Frame 2218 9 KB
9 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/sparen-300x250-push2.jpg_1637231250575_sparen-300x250-push2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c50271fbe7088cce553c0dd7c52606c6b4f706188d979320adf6a685ff1d691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=S5saVKJCyx&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 14:55:10 GMT
x-content-type-options: nosniff
age: 58924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9302
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 10:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:55:10 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame C758 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 464F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOliteNuhYdnvMY_v7gOzkqf4BwAAAAA4AeAEAg&bg=!wcKlwobNAAZQLpa_UC47ACkAdvg8WlbCxbasHQbWZ_ny5l48g-t2HROH3z6TlKirovENhp6nj898hgIAAAJvUgAAAE5oAQeZAsYUmzISM4VCO2TdxMv9WTih7wmZmjLl6V2SH1QXxsV8duUw8eNErz7JKruI-B0lZlyAF-BWJEmjP1eUgWSbs21Qk5DCWeTMqBjhPJC11AF63LOzfZ1gURxUZDdxvnmBk1fwHCkaZ8Y30R32Q18J9Jpc6EYAdP59y63UUXRzZC-WSXZlZDLRwKyw0DpVyAHEXE_9vn099P4A-afIOZzhBPYbHmD2x8pp4NwE9HVZPhBYiAqHnJuJqFxhL4DFiLrEcLJnQuMj3q89-Gb10ZPdCWjz5HyoZR1RmNxQsLtEwnoE_TYx8KoTc9UhFCXy-bTid6MixeDRBKgJGu2xyjKd5IEgyfkrp4mZqbHX73jIK3g8tdo-Z0KzzbAfDWhBF0r0Gqg_Fi_lAmoGb2SPRvCFwxFqzQUFqhuTF5Iw80aisQYNQrm-ZwA70AwNV926jr4TNcv9SR6OWQqaxCERoCeUt0u8ZZ1EzD-fNhk05GCuQRp45T5y7PWCDkpVr7Rumh8p0fJbUE-3RMpkvttKKUAcMFNwPFbeeQagsb_ixhGctib7hGgdj-zWBU70Yl1GcsKPnztVTZn7X7RVuCsIxZtn3LTqMBehwzJot0fiaccBvTV8OUwIJHia4acwF1MBaCQoA6RvjOvedPwfVnO6ZqAGfHfdeeD4DSKXQSXkgE5XfcD_7zqUPQ7zvZF_1jJHgrubm8-rvf_SGqHWp_e-BVPDyV5CGykGdrpae9Qw-kt8EXyN0t2nP3EFK3PfNeFHdbJLvbHdxsms196-xxQaz5QqgQBLvS5CcJoe-C9Q_hpvirLOlk3l3ukSBBE66WbRxAXuNY_uVqsTfC6SbH-IooYl16AVcihpjj67AF35zru6FjLQufC7jDkBRhA6JUYVvhqDiyULi9wkwNvDY6R7kGJ7y6U7WcyVmuOPJ9O8RBtZ20AMw0HBtqoN8Q

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 94ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwqA,time:947,type:e,im:%7Bimprf:%7Bttecl:1199,ecd:8,tsecr:174%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:480,o:467,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D,%7Bsl:i,t:467,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B480~100%5D,as:%5B480~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:358,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: www.painaidii.com
URL: http://www.painaidii.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt43.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ABF 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2gj0eduhYYm_Cd-a9u8PzZ2HgAgAAAAAOAHgBAI&bg=!tLelt_PNAAZQLpa_UC47ACkAdvg8WtnpbGytOUnxdBu7vuZuQvj1QcheBW7VqdqR98K0QKgS0ElosgIAAAGHUgAAAChoAQcKAExGZZ4I3-WUIPve629TL8n17FoxaDnUiKI2OHkvhY7OQLE_8MH4lYW0bMhSWZ0lwyxA4MNvlKQC35OR3WNSYCojg_Ye4GQUsJP8qlI6mQLRCz93Nz-vjk4aUzb31eFG9GqCA3JITSrXqmxBbzjoTWbSlfANRQ_85IsXvVV4h5DM7qw1Krntgd51JF5FDTX9n1GZYgPSmLaz-vZGHdp6JVIzAdAjFuL7OPjtmNOoRpfJJ7pmglxso390OYLc73DXMSWSD1Cfr5ZHvNe6QPDKITinTDEDuYp97v5V6dVGbpMtPS4zHjdP-bHOU526kJUeNlKwE6yTMr9qgGV-4PxIJlMak7jzGd60yMWO0q3hQ3j8ogHI6r1wydwXVDePop61QSrqDqPz1LB8ZpZRAX6UV0zDfZGy7Djh6PvUdzAhhSf-Z0rV7qE534mLeEuR-qpooVwEJF-_t3NqdOHsM3hBlpC2-GRUW4iihRKBjM4RnlrjgPS2MAWTaAkgDtu8RtnHUCIYAkrFh07BKQbqARp5il5VbCdtO7ddq43AJm9Lj5P0_5r96Wke33GYdbfZsp3oZMa8kzuBrGqu9zLWFSg3_PEFuUiATGmWtFfQ1YUDTYWvijGH58wy_YZ2V7yayz9QPicV1A3oR7f2TgycCAxm3MBCmerdvmEAiQiyBuYpBK9ggKzx1QSbHZZWw3bZAuhPla1XZkhk4xCtsxj_zQgET38GVTxEroaUjxSPnyMZKt9P7DmWvs6DQYVRj9tvmbv31VhRvVX9sOkO5Ber9xxaKxd2s82sk293_hHejO1JJRhJ-txcJlfqbIrENWpktBOUN7LT9ZLizrIrqLQ6nxYmoZx0MkipMV0rXl2mAjyluPhuwwnan9tGhmYn4h5B6QCfqzi7Lwp8SApKR76L8K9debRI4UYgaeiiy5H6C1LOxuFxzM-9sBRBokhiJV2CgOKJeePBqYIVEbZVdH54O43czQJdpZa1uWTsLRYPNJ_Z2DgRJ2TfH9Ev1E3o_xw68tM_bUmc5V4-RDIbi9EGbe5aR6lwtb-Ou7BATCfXzjvay7GIgw

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 76CD 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQlhZeduhYb3FCdnu7gP15IXoBgAAAAA4AeAEAg&bg=!jI-lj8vNAAZQLpa_UC47ACkAdvg8WlMHWdqI6R5Uq0cTjvGqekRjDk6m47fP7OHFOFrryKxIFJFU5AIAAAFRUgAAACVoAQeZAs2WEVPWXxklMTDty41sj6L7y62aNYh5CmVZaxF4bfaS2q6i9JbNNOxAuC41NZHoCa6cenMUBUkep6uMnWaX_lxNh5NwOZxDa5hKUDl-sUFMfVwUHylnsHl1e7FlHPhR4i5h_XRNtFWYWGWY3z1JOXRwOb1kngSq5k4AXxgemunAlea7ma7XhOvSb2GHrJ6iI6PPwjizyGDUUfWnMBiK18-WHO0u7EMvio1DNhUARhdPkc8ne7zP1W-K2JoxmBec4pSFel-OLLYxuLon-3bj652ml-mbZXcI7Lo28sPgFL3ZT-XrhO1phY5XPdMGYxTDk_zuWhndJGcgx0gTggspWUBqqAkxxikJsmiXLIV1PlmK48mWCT3pjxUTYbbUflX-R7OIdYM8Yaekx65C51p_-M_kgZJFyOOTx6q6y4rv8u7aR-xSI5BB41DXbyuXlTEK17ZgWLgLIjByvKHdy4TwIIXgF3C7B2rcT0AkLLrDIpOr6cj0dXQzzzeFo-xEjSlujfI1gYOh5XNUMlXTrhfkJFwY6YAaHk7aDusidvsZFeDbntcz0EM3-5U1HmJWen9HjV45JedPQ4C4gSI2yHFElPiP7NSH-U0jKVg3ecZjz0YVzMrJfQWMD09dDR2K0WH4x2IC2yaFQpsYdJhJGaJ7dlJjibYC24-gYjIcpHohSBwF3EB1LfZJKvTp9QOYnhw6iZIWys52YJq_xmM_XcsGbbmtKhTr03eKbW94G614g62YjFcCUmzr9177o0nhZSKKBeviZwLZImybw_OaDHEdjQCPTfBfQEdPFC6qzD_piKNFyU6tyhVzD2hL7HqVJ6iprvUFIVTrg65BJshwrjqg6BqdR4tf_YgtdaVr_yfFgkJMg_F57CEB3gOPWIG8ltR02N5OX7GaPOkhPQ2zbQKsNkcsIAJ_ZjgjpC21CkweqjUX5pmwu7ehmVxVbVGMUgY

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59A9 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ3x5_yvROTlMQaLQH5J7BXvdEm_N5ini8_X7n6qvGxlm18jjiKQuglfYklt21S_TQu8xxAqsmr0u95GBMBuwzFZDbGLYfhkA&sig=Cg0ArKJSzAU2azUWWzDLEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=3944675606&rs=6&la=0&cr=0&vs=4&r=v&rst=1637997432719&rpt=721&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59A9 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstITbbQKySvleomEw1x8DJibCiHF0AfgDf3-Hs7qBADULQD23Mp0RQ8EJJCcQOrN-5ONDTy9jH_cLbaHEnaH0S1pMaeVZC4jhthJe0Hu2-7SFM5jAXFAw&sai=AMfl-YR1Da2Md49-THb_nifa5sASgnRXHyehWItIfNcNuXluZd-_b0gAbfADHDQanROBoiRKYs5_4NrmwlN-jx5NvrvddVUNjw3_N6jxItCyvd4DQgl_Q3_i30fr_gH9w6Xi&sig=Cg0ArKJSzAUJc1SEbPKQEAE&cid=CAASFeRosNIpA9fsOtNqPiWafv9L6vfV9w&id=lidar2&mcvt=1002&p=790,342,1040,642&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1824630438&rs=4&la=0&cr=0&vs=4&r=v&rst=1637997432719&rpt=718&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B1D 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJMVaVcF5V-b-GCX3s8l2lmkwgh-aakDsEB_wmp_rLWz91blZghGYeqL_aCqPUQSrzlt-4PAyV5frOOJgaXPasaiFalTmgBJUh0c4GaWQjQcnIIAlqHA&sai=AMfl-YTQoo1z8BhACl9ScSJ7ft6EdYCcDVLKNeR9e3F7eHX9U8rZtkx1eZs-ZyTC45i8gClyj-80wxXmVK0X6grapODmZ8fakLswA38CASodScFTme_BBELDsygRju8zyLYE&sig=Cg0ArKJSzK3dvoIqPp9IEAE&cid=CAASFeRopp22j92RVw0CNv-9dOfx_8exTQ&id=lidar2&mcvt=1003&p=1049,960,1303,1260&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.59&if=1&app=0&itpl=20&adk=2947140390&rs=4&la=0&cr=0&vs=4&r=v&rst=1637997432722&rpt=686&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec578e9d5a238767db3b742e875957ef59df2493cd0682fbadd54957413495b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9233
x-xss-protection: 0

GET
H3 200 login_button.php Show response
www.facebook.com/plugins/ Frame CFF9 34 KB
13 KB 147ms
147ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=a73e5bb6df2af08f31f5e50aab761f58

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca2375b6e763c24427c2f71d4b7d615bb85354264ad7c71b6936fe6d869a1df0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 8mBviFv6mc/KvUiQN2IkrdS97V5H9uKg0/9AzZMmcoGKEsZv/10Qyi37ck5rE8LoVhn7eEUAoAHl5vdXwsah8A==
date: Sat, 27 Nov 2021 07:17:14 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0447 11 KB
5 KB 26ms
26ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.painaidii.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1871
date: Sat, 27 Nov 2021 07:17:14 GMT
content-length: 4685

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 07:17:14 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame BE10 0
91 B 22ms
15ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Sat, 27 Nov 2021 07:17:14 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 213E 14 KB
5 KB 86ms
13ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=65813
expires: Sun, 28 Nov 2021 01:34:07 GMT
date: Sat, 27 Nov 2021 07:17:14 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7F9D 281 B
554 B 51ms
13ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 27 Nov 2021 07:17:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 967D 52 KB
17 KB 49ms
13ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 28 Nov 2021 07:17:16 GMT
Date: Sat, 27 Nov 2021 07:17:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame E0FB 2 KB
1 KB 56ms
13ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sat, 27 Nov 2021 07:17:14 GMT
Connection: keep-alive

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0447
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=painaidii.com&sn=ChromeSyncframe&so=3&topUrl=www.painaidii.com&bundle=h3JJjl8ydDJkaGZuZzVkN2xFN1VmWSUyRkNOcVZLMUV0UTVabzU3cGp2SXYxbVlKbW5H...
https://mug.criteo.com/sid?cpp=xM8s4nxZcE1Vb214MGFjSjNBK1BhR3hLdXl6MnBJMFJ3UjVkK3lyd3NmTEhqRXJnM29QdDZRdno2cEtiUTdFYXMwdTNBeG03ci83SnJ5L0RBSEcweWhnS1JUb0VDRmFha3lmbDdjcE9mSFZHTjQ1TXcxTmk1b2xtWFlKNU...

446 B
628 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xM8s4nxZcE1Vb214MGFjSjNBK1BhR3hLdXl6MnBJMFJ3UjVkK3lyd3NmTEhqRXJnM29QdDZRdno2cEtiUTdFYXMwdTNBeG03ci83SnJ5L0RBSEcweWhnS1JUb0VDRmFha3lmbDdjcE9mSFZHTjQ1TXcxTmk1b2xtWFlKNUlhTk0vK0VrbGdnNnBTOGVwb2dXNDRPS1hVb2ZvMndLVkhhMUl1dkJqLzJ1UDQyOGhVNEp6Nkk1L0w1WDFYTzEyNjFOU1NVTGd3dmhWd3BDYkhyblZQeXU1dFBSalI0cllIWlMxVDBUaHlrSXZmOXBSeG9CUkVMalh5bExQRUZITEtTY3hkT2RzNHkyaTRFcGNrMVFqMnArajVFVHFuNUt4amVRZFJxZVdPanNzTTlESnRyND18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

51ab43b24f9e57203f8c23a6c6bf2b87129342bd2fbf0033553639ad1c563595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 27 Nov 2021 07:17:14 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3557
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 27 Nov 2021 07:17:14 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=xM8s4nxZcE1Vb214MGFjSjNBK1BhR3hLdXl6MnBJMFJ3UjVkK3lyd3NmTEhqRXJnM29QdDZRdno2cEtiUTdFYXMwdTNBeG03ci83SnJ5L0RBSEcweWhnS1JUb0VDRmFha3lmbDdjcE9mSFZHTjQ1TXcxTmk1b2xtWFlKNUlhTk0vK0VrbGdnNnBTOGVwb2dXNDRPS1hVb2ZvMndLVkhhMUl1dkJqLzJ1UDQyOGhVNEp6Nkk1L0w1WDFYTzEyNjFOU1NVTGd3dmhWd3BDYkhyblZQeXU1dFBSalI0cllIWlMxVDBUaHlrSXZmOXBSeG9CUkVMalh5bExQRUZITEtTY3hkT2RzNHkyaTRFcGNrMVFqMnArajVFVHFuNUt4amVRZFJxZVdPanNzTTlESnRyND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1938
content-length: 567
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B1D 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsgu8RxODa6tO5J8k_-41aqxXdFK5bePhmoJP9mjxS7WNIMGw3FArFbYaYhzi5gDgMcF5vzZS3YNnCVO3F-EqFH8Iv2VEdKQI&sig=Cg0ArKJSzBnexNh3Zn90EAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&app=0&itpl=34&adk=943508953&rs=6&la=0&cr=0&vs=4&r=v&rst=1637997432722&rpt=897&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7D14 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 22:14:12 GMT
expires: Sat, 26 Nov 2022 22:14:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 32582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 41B2 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42cbf2f330b099d1fa7e136301c46e4b97415955b9134a0e5db5109e726ffddb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lsA4fkh5sCLrx1q2RsCs1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 07:17:14 GMT
date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lsA4fkh5sCLrx1q2RsCs1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7F9D 32 KB
10 KB 13ms
13ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 23f53eb8e6f5ab2c67d8e63b25b9abe03408efa0529f8abed515259d7966f2f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73761
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Sun, 28 Nov 2021 03:46:35 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 967D 0
729 B 115ms
115ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 724edc42-1516-4ce8-acc3-bb975ab23a99
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame FE38 2 KB
3 KB 57ms
57ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c99ab6030aaca6a2c5cd756efc7de6157724f35e9e3354261f6620676e0bd61a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|46|65|31|152|176
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1536
Expires: Sat, 27 Nov 2021 07:17:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
Connection: keep-alive

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 41B2 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=685718571544148&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 213E 3 KB
4 KB 26ms
25ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96221848&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1da94f2f205b78f2c634f39039c5ad85a1793a10b690c22272c9344d7fae8191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D14 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 18:35:36 GMT

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 146ms
146ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: ri/nzXJpJJun/LM8+12UC6cOJiyJibp4QTcuAVWmn1EDGX3qa+ABmLVhDLxXlnsrX8AjkdUEA/NNXnBCjRD7Qw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 61ms
61ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: rdQovSzci55S8f3T/1CDyfyzDKnBMivqtcVdSyX0EvSjI37hme1oqqzvm/DpqQuZBl7ScdPqPVDUBT4Mge59ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 140ms
140ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: P5+iyYlyQ10KVoM6NrDjKfx1GxbRPbRNamJfcl9ga9cQlwqLqBcqSEfE0VOiTQV6k7kWHLx5HTXQg5jO7AcutA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 142ms
142ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: W46M6yxpNwZmgKl9PaV5kg+Dkh8LKOtzsA2QUH8Hp4kWEOgiYHLP/+DpvJVE3CCxuu+r/khnsYEPfib7l6iSwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 63ms
62ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 4nmKmmiReMr8Qe8WWfJVzej4EgVMyDtuo900+4UFs/D2TBjWSmvLNzcfdI3izxLSogG5tI9p65puOlgtwVryvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 150ms
149ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: M4XYXa2kHRLUm9L70trHw0EWZuf2AGjspxM9PTxG9W09uyTHa++4jNaTEb17+kdL26YCHBNdCBgMoWxxFEpvlA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 147ms
147ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: kCeCxffsm0gJhbhz/G6rcsZ+vRcFK9PN/zf8s3mAENcXiQBuq4XkmOVnJmjgr1lxVHvGs45D8QTe0UKXR5+pjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 149ms
148ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 29q6mf1OgiRz9znlHDZXTT1BCuAN+PQDWfW3z7C+PXteYpfpVPg4DhFu3eELOov6WK5TiGjY7WUlfvPItftoOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 155ms
154ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: O+/l3oKZj3aqiB7PsI7MkVPsRL4QgU18mxDAYtM8E981J/RvLe/AgXGDhsypmA7saNvx9yWE/8N90AnK1SmEeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 146ms
145ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: JJkFinfPHenojqmaSxaWZWkTyfno19z68c8J37wgPoYO0M5Gsnfko1r8N55avOhFBa2DB73KZTybj02YXoPS4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 160ms
159ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: MN9H4gnrTG0NlCmsexkYg89AlWa39ex+HX0AeNI2nAD3le4k4BRr8TuODEDFQf3igyvjsRKnW0uEVaWQP5TxUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 149ms
149ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: bUsrPJAEhTv9tSYKUlnjyH3kbGU+cycl6wanHyZA3nRSv7u9AJx8GcpdGApLZRLLw1ZkGB9C4+wGPK6p7DJHRw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 147ms
146ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: pogXvgP4qaE7xFAFmz4BQYhj8ZoV/GQXYhRGv9gOwk6vchc6c5VQAiliBajMREVn12aFO0vYb+fKqXPjNgQc5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 157ms
157ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: skHVNeXd0PA9Lw62nreIUkcktn7jurvHOYpFj7pfdPCFG3sliGegOfPUdStI8ya07XvkReYvLC2MCO+a+DxWyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 146ms
146ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: v+1daKPe0UWXd3zOMvDjH/tyMs/68UcXnldux45/CzK56sVMOfbnpm8d2jMRvslXTrY+IiGSVOAH2oF9/fzL+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 166ms
165ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Tctf7OH2QCyKHLoIvIZRATj8sSuh4h7PnWDqnTaKLJpSzrcprXgTSd0sQuSP1Q20OanMwEym2aiPKJsLK2vV8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 161ms
161ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: HXtVkX8W1smCgeo4q/fotItOykuOxZuy8LtnCn2r7FX47fymaR6AFLgA2LnpG59c5Oz9JjR33WT6kftGC/XFxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 167ms
167ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: W5jgJM5l/09BGSiHmkbcw9qHTvYnehL19W38sfuYxDGZpWZIse0OD4EQ7nt5Ff7DqnowQYpgcWxy4Cah1KK3+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 169ms
169ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: RXb8eNKQ34tFza1EEgQX3lpMpFjuI+tRuA2+z9vuWGjECM2Luev3xtUeD7LRxUGwptcekT1HXn3JeGftmkc/RA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 152ms
151ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: JoPo7z9UirlRDj9GgjaIw6mp4u+nJUhtN+GqG2oM5KhQ52QZWjzdmCrpVjL1/I8yPzGMjHN++X9l/S5M/HUEtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame CFF9 0
30 B 144ms
144ms Other
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: www.painaidii.com
URL: http://www.painaidii.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: H+/oQkuzYK+8KcBqgdO4lRnEc3ntb2KRBXcauKoDLFFbHGL7+dJhXIGdpCPD0h2Ck50ljyZF3dMxYq/TX+ZPpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 qYG_pvNhLC1.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame CFF9 371 B
823 B 9ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/qYG_pvNhLC1.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/login_button.php?app_id=114215282007768&auto_logout_link=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa9346b9694cec%26domain%3Dwww.painaidii.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.painaidii.com%252Ff2ddb403fc1e29%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&perms=email%2Cuser_birthday%2Cuser_photos%2Cstatus_update%2Cpublish_stream%2Coffline_access&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
content-md5: ApFuUU9EOpmqxGomIy3eug==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 371
x-fb-rlafr: 0
x-fb-debug: YAOS3tGT7d1Hn1Xl/OzYT0gFKJO1She9vRpRhDg7deKzNpg8nJ2VHg5gnoreEx+09mqnA+yzvDTyJJPIxUjFtQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 20 Nov 2022 04:54:46 GMT

GET
H2 200 iqVGY7gYXlg.gif
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame CFF9 1 KB
1 KB 9ms
7ms Image
image/gif 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/iqVGY7gYXlg.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
content-md5: xus77tDlZhUxDt48lJn72A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1056
x-fb-rlafr: 0
x-fb-debug: H7MqRryGVRvlAOt3K+AsBIOLYBIouvdRd3NBFEdPEj5125dUbjYUnyPkseOBq61Wjsb300xXiJ56l8q3v9X6jQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 20 Nov 2022 04:55:13 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 9DFD
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F

35 B
477 B

17ms
17ms

Document
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 27 Nov 2021 07:17:14 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sat, 27 Nov 2021 07:17:14 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5D4C
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2470210704163507447

42 B
209 B

25ms
24ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2470210704163507447
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 27 Nov 2021 07:17:14 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug005:0:423
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2470210704163507447
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F7DF
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
187 B

59ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 27 Nov 2021 07:17:14 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug007:0:422
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Sat, 27 Nov 2021 07:17:14 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Sat, 27 Nov 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1721174

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 83C1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7035145409975613581

42 B
520 B

62ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7035145409975613581
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 27 Nov 2021 07:17:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug006:0:363
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 27 Nov 2021 07:17:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7035145409975613581

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 16F7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaHbegAHtgzMrABG&gdpr=0&gdpr_consent=&_test=YaHbegAHtgzMrABG

1 B
253 B

12ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaHbegAHtgzMrABG&gdpr=0&gdpr_consent=&_test=YaHbegAHtgzMrABG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 27 Nov 2021 07:17:13 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug001:0:351
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaHbegAHtgzMrABG&gdpr=0&gdpr_consent=&_test=YaHbegAHtgzMrABG
accept-ranges: bytes
date: Sat, 27 Nov 2021 07:17:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19173-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637997435.930228,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 213E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CeWZeN15SLKexFiPL-TMDw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

14ms
14ms

Image
text/html

184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=65813
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 28 Nov 2021 01:34:07 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a25d61a1-db7a-4500-b26e-dc01c28a23c9

0
260 B

58ms
12ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a25d61a1-db7a-4500-b26e-dc01c28a23c9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a25d61a1-db7a-4500-b26e-dc01c28a23c9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 213E
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=09E59978-DD79-48B2-9EC4-588F2FE4CC0F
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8eb081013d4cccabea1d6c172d28fa66
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bac804b8961246b3f740a1e3ac3ebe62

35 B
248 B

98ms
97ms

Image
image/gif

51.222.80.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bac804b8961246b3f740a1e3ac3ebe62
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Server: 51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-4.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Sat, 27 Nov 2021 07:17:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bac804b8961246b3f740a1e3ac3ebe62
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDlFNTk5NzgtREQ3OS00OEIyLTlFQzQtNTg4RjJGRTRDQzBG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

114ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:387
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED47icd4n_r6o4QZMotr_JA&google_cver=1

42 B
589 B

113ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED47icd4n_r6o4QZMotr_JA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:410
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED47icd4n_r6o4QZMotr_JA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 213E 43 B
616 B 72ms
11ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 26 Nov 2021 07:17:14 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7b61a1-db7a-4500-8673-450da3e81a17&gdpr=0&gdpr_consent=

42 B
340 B

62ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7b61a1-db7a-4500-8673-450da3e81a17&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:425
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7b61a1-db7a-4500-8673-450da3e81a17&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5517787165593516766

42 B
234 B

15ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5517787165593516766
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:469
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5517787165593516766
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e957c8bc-d20f-47bc-82de-bcd09466642f

42 B
293 B

12ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e957c8bc-d20f-47bc-82de-bcd09466642f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:432
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e957c8bc-d20f-47bc-82de-bcd09466642f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3681791446403730819&gdpr=0&gdpr_consent=

42 B
210 B

115ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3681791446403730819&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:336
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 77a505fa-3593-4a39-9f0d-950f4cdfbdc2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3681791446403730819&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG

42 B
308 B

116ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:507
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 09E59978-DD79-48B2-9EC4-588F2FE4CC0F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 213E 43 B
872 B 121ms
39ms Image
image/gif 2a05:d018:d29:3602:55f3:aa52:2cab:d50d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/09E59978-DD79-48B2-9EC4-588F2FE4CC0F?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:55f3:aa52:2cab:d50d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=09E59978-DD79-48B2-9EC4-588F2FE4CC0F&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K9NJIX9E2uVJ2rhI6npDWeqG4jmvbuM-~A&gdpr=0&gdpr_consent=

0
128 B

18ms
12ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K9NJIX9E2uVJ2rhI6npDWeqG4jmvbuM-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-K9NJIX9E2uVJ2rhI6npDWeqG4jmvbuM-~A&gdpr=0&gdpr_consent=
date: Sat, 27 Nov 2021 07:17:14 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 213E
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://x.bidswitch.net/sync?dsp_id=429&user_id=0322160d-55d6-514b-830b-071fe2aadc64&ssp=pubmatic&expires=30&user_group=1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b627a7d3-2a54-4b22-ac56-13910e4a8309&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

12ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b627a7d3-2a54-4b22-ac56-13910e4a8309&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:466
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b627a7d3-2a54-4b22-ac56-13910e4a8309&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sat, 27 Nov 2021 07:17:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FE38
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&dcc=t

43 B
645 B

106ms
106ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MNQ72RAQPQW3K30R3G1Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3B29Q11EJQTRCH321TBT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FE38 70 B
265 B 96ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame FE38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1

43 B
315 B

28ms
27ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame FE38 0
0 51ms
13ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame FE38
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638083834&gdpr=1

43 B
315 B

66ms
31ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638083834&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:15 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638083834&gdpr=1
pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame FE38
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6912838341069742203&uid=Q6912838341069742203&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

13ms
13ms

Image
image/gif

92.123.21.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 92.123.21.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FE38
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=800d019c-0dea-41e6-b968-e65a0906e6a2

43 B
1 KB

29ms
28ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=800d019c-0dea-41e6-b968-e65a0906e6a2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:17:15 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:15 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=800d019c-0dea-41e6-b968-e65a0906e6a2
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame FE38 0
44 B 310ms
99ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-length: 0
server: a

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame FE38 43 B
424 B 14ms
13ms Image
image/gif 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YaHbeOaLsyGEHNDe2XQW.wAA%261219
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http://www.painaidii.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=933
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 07:32:47 GMT

GET
H3 200 0UDEfays_ZD.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yG/l/en_US/ Frame CFF9 516 KB
136 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yG/l/en_US/0UDEfays_ZD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c576d46147ecbaff23fa687d24b193194f388eba9d572933a7c20fa9985d270

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WB0z4CY894EdAox0sVdmEg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139419
x-fb-rlafr: 0
x-fb-debug: TY1Ze8eg2bGgohsviQjfPGVgFiKPKc3QjkJBKg5vBdO8/UlhdqzgJvA+12MUkPlo8pn7s+aaDHY1EAJWJUVu2Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Nov 2022 23:55:34 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQ3v3lbS1Ddre_z_gTxNKU&google_cver=1

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQ3v3lbS1Ddre_z_gTxNKU&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQ3v3lbS1Ddre_z_gTxNKU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 7F9D 0
0 27ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/hf9yvkRBOd3502G3XjRztcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1463174972434543395

0
239 B

10ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1463174972434543395
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Sat, 27 Nov 2021 07:17:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1463174972434543395
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7F9D 70 B
264 B 70ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7F9D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c38f61a1-db7a-4100-ada7-66f055862a7a

0
239 B

9ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c38f61a1-db7a-4100-ada7-66f055862a7a
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Sat, 27 Nov 2021 07:17:14 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c38f61a1-db7a-4100-ada7-66f055862a7a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 27 Nov 2021 07:17:13 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWHHDN0Y-1S-JGX1&sigv=1&esig=2~592e3c2402b192d0d45cef165af9dd53c6b32c87

0
445 B

51ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWHHDN0Y-1S-JGX1&sigv=1&esig=2~592e3c2402b192d0d45cef165af9dd53c6b32c87

Protocol

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:14 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWHHDN0Y-1S-JGX1&sigv=1&esig=2~592e3c2402b192d0d45cef165af9dd53c6b32c87
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F9D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmYTQ1NDdjODk2MzU0Zjc1OTEyYjMxNWYwZGUyNjNhNmYwZDFiMQ

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmYTQ1NDdjODk2MzU0Zjc1OTEyYjMxNWYwZGUyNjNhNmYwZDFiMQ

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTFmYTQ1NDdjODk2MzU0Zjc1OTEyYjMxNWYwZGUyNjNhNmYwZDFiMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 7F9D 0
0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 94ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwz0,pingTime:-10,time:1469,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1637997434207%7C%7C1d6718e0d9ce7b73608e762967cc7b3d%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7Cd5f6542fd59690f6ec03955a2f37ea4e%7C%7C670d93ba5517e23c5d71b268fc74073b%7C%7Cb83e535e04d84e1cd858d65ca89b5d46%7C%7C9355750c616a09eb1154ce87b361e3de%7C%7Cf65aa9211e1ba36926a648fb1227325f%7C%7C1629390669,sca:%7Bspg:a7361e66-2e5d-df98-7973-9cce87ad3ce9%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt43.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 97ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwza,pingTime:1,time:1479,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D,%7Bpiv:100,vs:i,r:,t:467%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1012,o:467,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D,%7Bsl:i,t:467,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1012~100%5D,as:%5B1012~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:96,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 104ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwza,pingTime:1,time:1479,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D,%7Bpiv:100,vs:i,r:,t:467%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1012,o:467,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D,%7Bsl:i,t:467,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1012~100%5D,as:%5B1012~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:96,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 104ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lwza,pingTime:1,time:1479,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D,%7Bpiv:100,vs:i,r:,t:467%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1012,o:467,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D,%7Bsl:i,t:467,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1012~100%5D,as:%5B1012~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:96,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1B1D 43 B
301 B 107ms
100ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=a7361e66-2e5d-df98-7973-9cce87ad3ce9&tv=%7Bc:v9lwzb,pingTime:1,time:1503,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:400%7D,%7Bpiv:60,vs:pp,r:,t:490%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:490,n:400,pp:1013,pm:0%7D,slEvents:%5B%7Bsl:n,t:325,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~1,0~0%5D,as:%5B87~300.250%5D%7D%7D,%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~300.250%5D%7D%7D,%7Bsl:pp,t:490,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1014~50%5D,as:%5B1014~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:123,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b*.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:14 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=685718571544148&bg=!29il2JzNAAZQLpa_UC47ACkAdvg8Wo5YC-cIFXwFy51X5fsjn4aPLajxPbMkQeAm0-_43PmvP5gaogIAAADgUgAAAA1oAQcKAO_ry5ryWJAAxvGwczE61uXYIfSBrisWgcvJtmygxBrNhgpSrW1DShkt-18hPfqq7IrAheWS0DqAEnc7yePL0yBDsWmNncB-4zQ2py6KF4xJEpmpLfHdML8IZOc3ZsybePoiiECuiQTTTsrXumwUQIY46-gzyzVT42ytxzEUMQY3RPTCeRwdG3V0cdYnlaFB-7ltE8dNfuI-vXxp914UbDCOiLcUiLXCPTsByJyAA7FvMr4YOqlloIEe4XfG2YHLNT3ene9rvc0GbKEIiwyJpoRFIMb00e61y1KefVGREZOMG1SqkSDlaIRaqc_jiKLau5kCgCSbGUeBc_LBxAAZuk0zKIhv61hMXK05zIXkbqy9bUmjAdRDrqmqq75Kv_aOFqxp7oPqduB6JBYt_qMFJMnv7StAXQlqTQzoCNFtntmKHWeG-lUUIcLe6MF7AMXAae20hcST2i4c9p36guOF0uFC9-LSxqQTvz5mBCgsxmLsCYBX6isuzEvrvvTzWDKiKDc6NjRD1QXK7m4u2kxscCgsr8wgdu1JjCgLVqj7DR-BAi50rJsCVBF9tSOK0I-ugi1KyXsAjeWIJWefwuv4ab9_HOJWwP4zcr2xT6xhnGUW5Ye3ozwuQl5jGU73zRMYHFIY4wKJ9W03SaWn05gei3WDkA0hXy71Rk7tu_DH8KawdVv0efiucb7KGbZZnV5AsCqMUfGan3hv45caHVB_uQyEOfcvnrdTE46YAOy-_CFH8-iVyXx7M06c0tXyWb4r59H37JKZHLoCV_W9qTNO9bNNr6yKrvLCAAXTcinz7Hj0osnt7CRPsZuxOR8I6MBQqO_f8PWss-NmOpc3osH8YUefxQ7Ibyc3IZCUVuLLs1S5Vb-E2PDeXG5d8Sn9t8lKQO9KT7oTbQ7-6gE12NoKW1aKif0iuSoRAkVxSWxSpG_aQvi_cIox3TkFFTqOWLRq4_iMVBmHqadhOIvGkD9_cUpOgXpPZXEvP47XMebIr_tTWedYtzALtF4K8itcp9S9i2znszlb1Z975y-FuYrDuFXDcALA8GqkQvB10Ixec1vvd3f5FRvLuOK5DSwC93QN05GtCVGxvoue1eVRE9PMHQFqUv1SPGrSb84jD7E__iGCHZDZ9ed78uCMMoZcf7baacLIsympfSmhIbeSkGVP6kMNte4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.painaidii.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 07:17:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 967D 0
729 B 13ms
12ms Script
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:15 GMT
X-Proxy-Origin: 78.47.208.25; 78.47.208.25; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 60b62c76-547f-4554-aea6-5ff74cbc8f00
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 213E 0
260 B 86ms
25ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:17:15 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 94ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lxBv,pingTime:5,time:5468,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D,%7Bpiv:100,vs:i,r:,t:467%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:467,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D,%7Bsl:i,t:467,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:113,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:18 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 59A9 43 B
301 B 98ms
97ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=b27fde0a-419c-35db-f157-f4df63aeef15&tv=%7Bc:v9lxBv,pingTime:5,time:5468,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:384%7D,%7Bpiv:100,vs:i,r:,t:467%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:467,n:384,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:326,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~300.250%5D%7D%7D,%7Bsl:o,t:384,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D,%7Bsl:i,t:467,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:113,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a*.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:18 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1B1D 43 B
301 B 93ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=a7361e66-2e5d-df98-7973-9cce87ad3ce9&tv=%7Bc:v9lxBx,pingTime:5,time:5493,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:326%7D,%7Bpiv:0,vs:o,r:l,t:400%7D,%7Bpiv:60,vs:pp,r:,t:490%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:490,n:400,pp:5003,pm:0%7D,slEvents:%5B%7Bsl:n,t:325,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~1,0~0%5D,as:%5B87~300.250%5D%7D%7D,%7Bsl:o,t:400,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~300.250%5D%7D%7D,%7Bsl:pp,t:490,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~50%5D,as:%5B5003~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:112,fm:sPWKiJM+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C162%7C17%7C181%7C182%7C1831%7C191%7C192%7C1a.774473-57793669%7C1a1%7C1a21%7C1a3%7C1a4%7C1b*.774473-57793669%7C1b1%7C1b21%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 07:17:18 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

93 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.painaidii.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hjqr5bsfivthio9lon93n6uql5
www.painaidii.com/	1970-01-19 23:43:09	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-20 07:45:33	Name: khaos Value: KWHHDN0Y-1S-JGX1
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptGfrzPAh1r4L5PW3iSKqdZLqKjo/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqNCxkmzGqrEKJWU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 07:45:33	Name: audit Value: 1\|naVuGyos1qqvInOf1CnrBSYsttz9VT367yYnFuSDAiNqjK1sECNPH9LaIppC6/lh9GEhMBOKW+p6sTUyoL+O8uBxGCOXoSK1pN9XcvuOONvc6UO785F0Pw==
www.painaidii.com/	1970-01-20 08:21:33	Name: cto_bidid Value: 7s9JPl9kaDRhenBTV3c2ZjM3VWprdklkR1FYVnk2Y081dmJ1RE01VHJvY0M2Rm5wUnpWUk56MHhVa2RtaVJwSVQ2azhKU3dNa21xeVJldlFDNlVjOUtESFNZUSUzRCUzRA
www.painaidii.com/	1970-01-20 08:21:33	Name: cto_bundle Value: h3JJjl8ydDJkaGZuZzVkN2xFN1VmWSUyRkNOcVZLMUV0UTVabzU3cGp2SXYxbVlKbW5HVVRSUmM1OFJSbzlTbzNERUcyTmNQTTlSVU5jOU11dzc3T0hGeDNNM2hEajFHNkwlMkZxU05NMFQzREg5bXpEaGxWNlozdzdVNE5Lb3A1RGxmV21HRVA
.painaidii.com/	1970-01-20 01:09:33	Name: _fbp Value: fb.1.1637997431832.554912032
.doubleclick.net/	1970-01-20 08:21:33	Name: IDE Value: AHWqTUnUun4mZLRrvYqC_0ZpljZPOL22OP8LNwLcbMb-1jdNYYl731xqBBm-OJvI5d4
.quantserve.com/	1970-01-20 08:30:11	Name: mc Value: 61a1db78-6f3c7-31e4e-98746
.agkn.com/	1970-01-20 07:45:33	Name: ab Value: 0001%3AmpKT%2F5qEIRNBpj0XOvIH3VJ00o4771ug
.agkn.com/	1970-01-20 07:45:33	Name: u Value: C\|0CEApNJf4KTSX-AAAAAAAAQ13AQCAAQpAAAAAAA
.rlcdn.com/	1970-01-20 07:45:33	Name: rlas3 Value: up65PdMEJEToYWvapTH8bmnhoVRqMTcZ3kKrCmQWnVU=
.casalemedia.com/	1970-01-20 01:09:33	Name: CMPS Value: 3174
.painaidii.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.painaidii.com/	1969-12-31 23:59:59	Name: _cbclose43926 Value: 1
.painaidii.com/	1970-01-25 20:29:45	Name: _uid43926 Value: 2D728998.1
.painaidii.com/	1970-01-19 22:59:58	Name: _ctout43926 Value: 1
.casalemedia.com/	1970-01-20 07:45:33	Name: CMID Value: YaHbeOaLsyGEHNDe2XQW.wAA
www.painaidii.com/	1969-12-31 23:59:59	Name: verify Value: test
.rlcdn.com/	1970-01-20 00:26:21	Name: pxrc Value: CPi2h40GEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 01:09:33	Name: KADUSERCOOKIE Value: 09E59978-DD79-48B2-9EC4-588F2FE4CC0F
.e.dlx.addthis.com/	1970-01-20 08:30:11	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 01:09:33	Name: CMPRO Value: 1219
.addthis.com/	1970-01-20 08:30:11	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-19 23:43:09	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:43:09	Name: na_sr Value: 20211127
.dlx.addthis.com/	1970-01-19 22:59:57	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:43:09	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 08:30:11	Name: na_id Value: 2021112707171200011494544449
.addthis.com/	1970-01-20 08:30:11	Name: uid Value: 61a1db78ac12bf2c
.addthis.com/	1970-01-20 08:30:11	Name: ouid Value: 61a1db7800015526206a7d6ee9b5680474a846a0a25126f411a8
.adnxs.com/	1970-01-20 01:09:33	Name: uuid2 Value: 3681791446403730819
.adnxs.com/	1970-01-20 01:09:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In2H?Uqh!A#FZ.TOKKnyW<U1`VROYQM-:b7r17CGNCx>O^0$cT2WFZf7qxITF9:HA/$U(j#iP(Md+>)fy*(N20[<
.doubleclick.net/	1970-01-19 23:00:01	Name: DSID Value: NO_DATA
.painaidii.com/	1970-01-20 08:21:33	Name: __gads Value: ID=15ec2c4dec342822-22675023fecb0068:T=1637997433:RT=1637997433:S=ALNI_MYvH4Cafl8pITy5dR-PLDW7Uu0CYg
.painaidii.com/	1969-12-31 23:59:59	Name: __utmc Value: 81308566
.painaidii.com/	1970-01-20 03:22:45	Name: __utmz Value: 81308566.1637997434.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.painaidii.com/	1970-01-19 22:59:58	Name: __utmt Value: 1
.painaidii.com/	1970-01-20 16:31:09	Name: __utma Value: 81308566.438431747.1637997432.1637997432.1637997432.1
.painaidii.com/	1970-01-19 22:59:59	Name: __utmb Value: 81308566.1.10.1637997434
.criteo.com/	1970-01-20 08:21:33	Name: uid Value: 73d0d58d-4963-4bac-a964-44d21ef82c0f
.painaidii.com/	1970-01-20 08:21:33	Name: cto_bundle Value: JGO8pV8ydDJkaGZuZzVkN2xFN1VmWSUyRkNOcVpsblVIMHNjWm4lMkI0SXNhWjNyNWppNnQ2WXhOcnhidFZkJTJGcnJMNCUyQm9aZGtwUU9nbnEyTldTOEVtdzZES25YbEQlMkI2MTNrJTJGQlVRUEUydG9HWnc5NTJEVVdyayUyRkFBSzlwQkRVNXlVT2Y1aVZTc21jeFZzcjdyR0tuJTJCOWhLMzBDaHl3JTNEJTNE
.www.painaidii.com/	1970-01-20 08:21:33	Name: cto_bundle Value: JGO8pV8ydDJkaGZuZzVkN2xFN1VmWSUyRkNOcVpsblVIMHNjWm4lMkI0SXNhWjNyNWppNnQ2WXhOcnhidFZkJTJGcnJMNCUyQm9aZGtwUU9nbnEyTldTOEVtdzZES25YbEQlMkI2MTNrJTJGQlVRUEUydG9HWnc5NTJEVVdyayUyRkFBSzlwQkRVNXlVT2Y1aVZTc21jeFZzcjdyR0tuJTJCOWhLMzBDaHl3JTNEJTNE
.pubmatic.com/	1970-01-20 01:09:33	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:01:23	Name: pi Value: 158497:3
.pubmatic.com/	1970-01-20 01:09:33	Name: DPSync3 Value: 1638057600%3A174%7C1639180800%3A197_219_201
.pubmatic.com/	1970-01-20 01:09:33	Name: SyncRTB3 Value: 1638835200%3A63%7C1639180800%3A13_161_22_54_3_8_71_220_21_56_7%7C1639267200%3A35%7C1640563200%3A203%7C1638576000%3A223
.quantserve.com/	1970-01-20 01:09:33	Name: d Value: EJUBDgHpJIEO-TA
.simpli.fi/	1970-01-20 07:46:59	Name: suid Value: 208AE2899B1F4A68A608EFE342C64F39
.adfarm1.adition.com/	1970-01-20 01:09:33	Name: UserID1 Value: 7035145409975613581
.mathtag.com/	1970-01-20 08:25:52	Name: uuid Value: c38f61a1-db7a-4100-ada7-66f055862a7a
.adform.net/	1970-01-19 23:43:09	Name: C Value: 1
.de17a.com/	1970-01-20 07:38:21	Name: guid2 Value: 1.2470210704163507447
.adsrvr.org/	1970-01-20 07:45:33	Name: TDID Value: e957c8bc-d20f-47bc-82de-bcd09466642f
.analytics.yahoo.com/	1970-01-20 07:46:59	Name: IDSYNC Value: 18z8~21rj
.owneriq.net/	1970-01-20 16:31:09	Name: si Value: Q6912838341069742203
.owneriq.net/	1970-01-19 23:14:21	Name: p2 Value: cc
.adform.net/	1970-01-20 00:26:21	Name: uid Value: 5517787165593516766
.yahoo.com/	1970-01-20 07:45:55	Name: A3 Value: d=AQABBHrboWECEAxldgwFvGPHae9RBiOoeqQFEgEBAQEso2GrYQAAAAAA_eMAAA&S=AQAAAh4-Ji9aDlTnhIoYwrTKp48
.everesttech.net/	1970-01-20 07:45:33	Name: everest_g_v2 Value: g_surferid~YaHbegAHtgzMrABG
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_1101 Value: 23040-7035145409975613581
.pubmatic.com/	1970-01-20 01:09:33	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_27 Value: 16735-uid:1b7b61a1-db7a-4500-8673-450da3e81a17&KRTB&16736-uid:1b7b61a1-db7a-4500-8673-450da3e81a17&KRTB&23019-uid:1b7b61a1-db7a-4500-8673-450da3e81a17&KRTB&23114-uid:1b7b61a1-db7a-4500-8673-450da3e81a17
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_391 Value: 22924-5517787165593516766&KRTB&23263-5517787165593516766
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_80 Value: 22987-CAESED47icd4n_r6o4QZMotr_JA&KRTB&16514-CAESED47icd4n_r6o4QZMotr_JA&KRTB&23025-CAESED47icd4n_r6o4QZMotr_JA
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_57 Value: 22776-3681791446403730819
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_153 Value: 1923-uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG&KRTB&19420-uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG&KRTB&22979-uW8-2-s8aNKiaDnZ7Gly2b47a4-iZ2fdu2hjbyDG
.bidswitch.net/	1970-01-20 07:45:33	Name: tuuid Value: b627a7d3-2a54-4b22-ac56-13910e4a8309
.bidswitch.net/	1970-01-20 07:45:33	Name: c Value: 1637997434
.bidswitch.net/	1970-01-20 07:45:33	Name: tuuid_lu Value: 1637997434
.adsrvr.org/	1970-01-20 07:45:33	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwicl5aI_9-YOhAFGAUgASgCMgsI7MrntJXgmDoQBTgB
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_336 Value: 5844-2470210704163507447
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_218 Value: 4056-YaHbegAHtgzMrABG&KRTB&22978-YaHbegAHtgzMrABG&KRTB&23194-YaHbegAHtgzMrABG&KRTB&23209-YaHbegAHtgzMrABG
.pubmatic.com/	1970-01-19 23:43:09	Name: PugT Value: 1637997433
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_377 Value: 6810-e957c8bc-d20f-47bc-82de-bcd09466642f&KRTB&22918-e957c8bc-d20f-47bc-82de-bcd09466642f&KRTB&23031-e957c8bc-d20f-47bc-82de-bcd09466642f
.betweendigital.com/	1970-01-20 07:45:33	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:45:33	Name: tuuid Value: 0322160d-55d6-514b-830b-071fe2aadc64
.betweendigital.com/	1970-01-20 07:45:33	Name: ss Value: 1
.onaudience.com/	1970-01-20 07:45:33	Name: cookie Value: 0a2ffaa0db5f2ab6
.onaudience.com/	1970-01-19 23:01:23	Name: done_redirects104 Value: 1
.betweendigital.com/	1970-01-20 07:45:33	Name: ut Value: YaHbewAB0NhcJ82OjCnb4PMuXD7jg5I9xl7_Wg==
.pubmatic.com/	1970-01-19 23:43:09	Name: KRTBCOOKIE_466 Value: 16530-b627a7d3-2a54-4b22-ac56-13910e4a8309
.crwdcntrl.net/	1970-01-20 05:28:44	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:28:44	Name: _cc_id Value: 8eb081013d4cccabea1d6c172d28fa66
.crwdcntrl.net/	1970-01-20 05:28:45	Name: _cc_cc Value: "ACZ4XmNQsEhNMrAwNDA0TjFJTk5OTEpNNEwxSzY0N0oxskhLNDNjAILEhberQTQUAABuAAu4"
.crwdcntrl.net/	1970-01-20 05:28:45	Name: _cc_aud Value: "ABR4XmNgYGBIXHi7GkhBAQAdGgJZ"
.casalemedia.com/	1970-01-19 23:01:23	Name: CMST Value: YaHbeGGh23sA
.casalemedia.com/	1970-01-20 07:45:33	Name: CMRUM3 Value: 2d61a1db792760CAESEAKBFn1mKY7QOGVrz5v7K7s&f161a1db7a05a0&b061a1db7a05a00&4161a1db7a05a0&2e61a1db7a05a0&e661a1db7a2760&2761a1db7a0b40&1f61a1db7a05a00&9861a1db7b2760800d019c-0dea-41e6-b968-e65a0906e6a2
.onaudience.com/	1970-01-19 23:01:23	Name: done_redirects161 Value: 1
.exelator.com/	1970-01-20 01:52:45	Name: EE Value: "bac804b8961246b3f740a1e3ac3ebe62"
.exelator.com/	1970-01-20 01:52:45	Name: ud Value: "eJxrXxzq6XKLQSEpMdnCwCTJwtLM0MjELMk4zdzEINEw1Tgx2Tg1KdXMaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F79ugCACHiSod"
.pubmatic.com/	1970-01-19 23:43:09	Name: SPugT Value: 1637997435

211 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_push=AYg5qPIShn2XsGF32r931dm6VaaHPfxHHru-aJEO88EvJq4oMhKEW3vmQTwLl5PQfL3pKt0ikXptB3ThcvFMlxIngRWJ5s-64I1F&google_gid=CAESEEQgyHe5nPoYSyVdrh2L-DM&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaHbeOaLsyGEHNDe2XQW-wAABMMAAAIB&google_cver=1&google_gid=CAESEGSQurzAZzs0mCkskFjSuO0&google_push=AYg5qPKEJdpuaUVAn-xZ5WhKcA7vzPqArJ0Uaz91fFEfR9qDOupkgAcQEZ1q4E_h0JPVFsKu6V13qOW6R5DdYwx9lpWdPcWVzpLm Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7aa877f3819c26268a2754876385e115.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adasia-d.openx.net
adnetwork.adasiaholdings.com
ads.betweendigital.com
ads.painaidii.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
anymind360.com
bid.g.doubleclick.net
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
ced.sascdn.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
csi.gstatic.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hbopenbid.pubmatic.com
hits.truehits.in.th
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.painaidii.com
js-sec.indexww.com
loada.exelator.com
lvs.truehits.in.th
match.adsrvr.org
match.deepintent.com
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
painaidii.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.owneriq.net
r1---sn-4g5ednd7.c.2mdn.net
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.painaidii.com
x.bidswitch.net
cm.g.doubleclick.net
sync-tm.everesttech.net
103.246.17.188
103.7.59.33
104.244.36.20
104.96.135.185
104.96.159.57
142.250.185.162
142.250.185.226
142.250.185.66
142.250.186.70
142.251.5.157
151.101.130.49
169.197.150.8
169.50.137.184
178.250.0.157
178.250.0.163
178.250.0.165
18.194.46.33
18.196.195.54
184.51.9.18
184.51.9.34
184.51.9.98
185.29.134.244
185.33.221.52
185.33.223.38
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.86.138.32
198.47.127.20
203.151.144.224
203.154.91.10
209.54.177.54
213.155.156.184
217.182.200.29
23.111.200.118
2600:9000:214f:ee00:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:20::681a:8a9
2606:4700:3031::ac43:d645
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1288:80:800::7000
2a00:1450:4001:16::6
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9c
2a00:1450:4013:c07::78
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::645
2a05:d018:d29:3602:55f3:aa52:2cab:d50d
3.126.56.137
3.33.220.150
34.235.213.39
34.254.143.3
34.98.64.218
34.98.67.61
35.186.253.211
35.244.174.68
37.157.2.236
47.74.174.177
51.222.80.231
51.89.21.20
52.208.103.128
54.73.238.193
54.76.210.111
69.173.144.138
69.173.144.139
85.114.159.93
92.123.21.100
92.123.9.160
95.100.146.50
01bde24980de53d55f142d03c492d958e8f7aff2a254327b51360ddb932bf8f3
034c79ef8ee48a0233dbb06a6294f885e5125231a068dddfe47f15c685c65684
04d2f8aa388a5c972fabcd62d8f993299a386a7d5e9195e2d75b9365f6f33a06
08e6d04469573e215383d06d963322f8c71ff33a943a8c3263b0f2e9a0463667
098661857adffa540f490014f7f6bcea498550bdf7aca1fc9074d374e5e3af9c
0ad3d74f9faf23a789eea0e1050644404756a3254a09ac065f7d279f2f893dd3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143136b1bc137a7ca9da7fcc273ce8307c3ab7ed1c2aff3fa7ba26f15ee3cd04
1510a812f3ae32b2e9202739eb2d3680c594d44a777fd3ad752af11586855a92
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
198e66ce272aa629cb485c6c9019b5290f6aedca8e6e238dd63cb657df4ed7fb
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b424110a4c901364d8f14d9c059274f8e2b3ddc4b64160972c072def01b50a4
1b5b06c1334aec91feedc68b564ce53da41afba9447ead2a79a4d76446a7675a
1b9b208a4b7656b211407c0cdb0236ee6b30b726f3c522302fd6e5ddfe912b75
1d46e501ffa513fb4621f82c60a9ab465cd2e14d3e4fe4bde506e8cbeaafbd60
1da46754ab097219c68cc82cd9cf943248d15c5fe9c45f2116d28e778cd81f52
1da94f2f205b78f2c634f39039c5ad85a1793a10b690c22272c9344d7fae8191
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e24e0b0db55d9b2cbaf3f27350ede02425b77dd5b0941ee0d7e0e6928197e26
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1ffc4b5420ad43e8b7beebfcea12547f25ccf41617d089962699a15cc4b385b4
2001033e0bef7b81b3d5cb35840510b8b49974fe99b50d0b388e9b3f01b70dd0
20644ab40a533c5ede1969daa53d2243a4881c578b374b6eb372386831b2c159
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22990263d56b05b361b0842f6cccbb34e692888470a1a6d30fe8e3cc251bd2f2
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23f53eb8e6f5ab2c67d8e63b25b9abe03408efa0529f8abed515259d7966f2f8
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
29603acf635d6bcdb8f8cc3b6ee362f3629bed9f635c4614f58c6599b7b5496f
2980e6f99026fc58ebeae9dd5ab55e23249c20e5c930edf6bfd4bd0112463dd8
2996594ee4dd5cae621ed01577fee5737077adb004add5cd219692efed299e83
2a45a324ec3823b7d14a0912a3b7ade3178c71c983287abae4d6f4391b2551af
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b56e281a91282c054e586e8194681c46c29bf476a6f47cd3483428196c354c9
2bd07162cc794e05de369f2195e456105cf3746b4e7ff67b90fbd3da57844f0e
2c1d96cc501055ad47555754e1397050b5db776a325decc0fed5126c14a0ca31
2c1e2f82ef450a572ec5ff80b7337a95a52b535b68cce8f17eec813e23b8f5ba
2d0c47ebaa25efb04b800f2c5a886a2b14e7d812858b49a2f9e9a24cbdf42f4a
3160bd2ad91c0d73fcdf31d96ddbdf04a9cecd5d16620558776e563f5b5c0372
326b49d52dc9b7e30d9645f4eec344b880d18d5c68b61d757df810c0549f469a
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3541a291c616524557d75d04f5bf296fca63f3ee5ca5df78e045e48eaba9dcc4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38278648216afa0d41c21b1e213dc214edb0f68f3b6f3e0d3a1b2b49e73b3125
3bd088e53350ab168664f3877fc41aae4fc607d98c0a38d03847c4aceaf7e6fa
3c3bff1cc758149536488e4780e3ff02106fc8912dffea89b887f27d30dac568
3c50271fbe7088cce553c0dd7c52606c6b4f706188d979320adf6a685ff1d691
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d29738ea608cb3c37967362c94d2a17b4ea8c9fbe4e614825852c68aeb274f1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e06ee9aedeeac0cf2d86184c7fd07fa3fdb0f12cbce22e2dff608d0b6bf843b
3e746c385ab6f4ff90951bf1b6abb87ce52b68528a6856cd95edfd439c51c18d
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41acebc920d3c0e101add5612a7e4cbd42cce1f93f4914d6c44e6c673f22671b
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
42bd636ed4b03e568143d69b0e7147a1e5e89c5ddc1243320069b79246ae6e22
42cbf2f330b099d1fa7e136301c46e4b97415955b9134a0e5db5109e726ffddb
431180841d460f3bd471229575322405ee03a0df21e3ec058182c314ed67956d
438f59f80dc0b331ab05fc7b36c4a41744974cc8250b1cc0eebcdfd1cd6add93
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45616de31b0b642875a8dd98825589888b21ae1dc5bf66389c67777677d0af18
45a9726ad2f573efe08abed78cb63bdfe0d345fbf28b05c01b69e7cccc00101a
46367047a37672fe90a380ea318ad24c399708bbb0d792a936707075242fcb4b
472ce72cf20d398954550403e103d2b001342391a817b3fac71060f50a8e65a3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5130eb2b26589edc79df541561e0c40469fdb05a7a75566a61e580e1d473254e
51ab43b24f9e57203f8c23a6c6bf2b87129342bd2fbf0033553639ad1c563595
5219c183e15a4918a28d8aca95259316759450dc0732fbe748cebf6acabac113
548c69024004800ab3d9461a7ce797b8bdf0a7deea758a0ebfc019a1626c1ffa
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5532263d9283500e65a10801d02fcfc2e236d1b8a52ac47d89b8ad6c15022aff
5924f9185dc4aab39c1e44a8b067d4d47111034e7df89ce1f82f6bf30567e5b3
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5cd71b1cee568b9f1498e914dd2b0c82add19a5a41c07d085131cdc66df5f613
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d54798969f4d935fb489dfdfbdc570a52b1eab39e46c7fde7ff64b87f797557
5f4d5008015a20efea096181df1f1964538b745ea638a4197514d05b6c2341a9
5f5e8afd0d01eecb9d99b3ab403b745ea4b5c92ef333762d3a7281c7bc212d1a
61aa9cf66c7c78fc66cfa266ba3a323c6c44b05e1dd47c70c14f2ed94fcd37c4
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
6216fa3d169b24872755b6c35527787345eadb4d6ff45b5644db8e52ae72ec8d
6258f5106284ca5105628c1a6dddbae1193a9a9de82f4171e7450ed5f5c5c936
64ae6a79688422364676494595afdddba3ac2f1e21f49ca2c65e47fbc44c6696
64f92ac5b3e5e53a9fbe7815fc07b9c10de1e6489f1c020041f543fb1c84ba3a
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65c7f2b5d24d28a2b4d1aad3fe135f49326b2b4151ec7d3f0471627a2b673866
66c77d8ff2941db7db72681bd8d20a098471a512bfaf2df207bac6b764fb1e42
69a718024dcfd273fc06968e7184ec4397ee7dd32b7c6920c35560b60ba3b963
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba62b7cf2ea5eae058ad7d7f055830a6ff4985ad79f439cd075ce755c652010
6cfc778f9710d90547c8f4ca54e3e7efda19d1962058da1d0654ed3b8e0a9ad6
6d421a9ad31cd94cc0aadf5705ecd39e7801d0a3a96d60b6d021a04378bd51a1
6d7ef2bd3e7243212012214e03bb9e5312dda63e37b0998adb76589c02612940
6f21dd856ad848baa852b82407f08f545aa73483b22880174cd941635448390e
743e3d59c072d035ffa0aaa38adbe4999d548b4df759236bf5baaec51471b808
74d25e2b9377908b77f4e08d42b8bfd32435030c911c057aa4cdf028c06f3456
7687d34da2d728e629fc1c684e4b6d147882c1b9898374ac0df02210b887fd60
77b6c431a9dceadb75a70975f5049a287f5a5c0315511cf819d697812c624b78
7854840da7b3541cabd59f9d2ec832579cc042199f78295740902f75b95c7d3b
798df381b75fea8a36996a6cd24c454de79f1f84990b18a317096241184a149b
7c324008782d78640ecf39d78c8e7c12f7bc1fca88fdf78eb778a51916ab4219
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f8e7e796b2d6bfc1b3d455c1c3a6219b15d3570aeeb1e30f49b376be8e5efcf
81a043bef2d9c630fe8e188ce47d339e70d90e7019dc5ae88356dca07debb2ed
8252b1ef963737d43d1a47e8891e102fe593081e8222d7a52391b1c2fd60e830
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840cb772e485aff7d999a32fa9a57853c1f1bc1bef8d09cb485c708ad1c24fb6
87486961db4ac0005e48fbd15e222b99c0ec84eb60cc9cfbaa2f4a493c6feba1
8775ec6e00700868e019b7b475e45d3eb876088026975992f42aee2672b0092a
87c58744ba5bd68bc8258f69ffc6873421553bf5bfd782374cdc52745ed1b98d
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
887a71da48b4df1b36827f3437af336dc249878d36e97634328534860a0c0ac1
8a2c3ff286faaeb35f08ea6f5e21723a27821ab7623ddce9b1fd4fd0b96b6fa9
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bd93fbb8d5f5f1155ffcb314200ffb7b8f1f53734ccee28f0f4e42a546220a2
8c576d46147ecbaff23fa687d24b193194f388eba9d572933a7c20fa9985d270
8d31a55ac6a80651bdcc96fcf6ad9feadb814068fd6e9a7ea601d9535ab181f8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6cfefa5d1d62adc5214392457d0828eaf243f153d299a306341786606a8452
941a3724badcabfe2080512c8f398df7626d38270e8f76c253666356955f3dc0
9446f687275f7e0f981abaffd505758e7beba3d4a4931acc00c8c96fd3f5b8a2
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
958705c19cc9cc6a1e4716ffc29d685efcdc864708c862443f7b8eced538945b
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
992d4d6b7fc5fa7f331c55ea8081376e031d2785411a6584010f48e94c5f4ae8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d59fda8938030dbf3261e9c9fc268ffeacf6e858844818ab944957586597753
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2f5c4b5fcbf50f2ef205d84409248dd892bc2be5a0a043dbe76f61ea9c50cee
a39d2c369ab32c5a20387fd7a171952fd90ad78f078e0fbc6213e8ae735505cb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a619f5ad484fe45755bcb39c171cdc39d9181d0223c036c52463eb618ac48576
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6bbb53518da7884c30ed98c49a45c242570ad992a968834f949510b79a6383e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a92881eff31c009e106106aa43eef4c4c0116f8b9bc05c29b95e576bada5e949
aaeed0cf2c8cc6da36b073b836a0028ecf8f7566112c0f91acf56d94d2f21c3b
ad767ed28805e2af8ecb91f9c37923dfc59ca75bb7f84228181ad4735a9cd064
ae9a0f95ede822b1959d214ca0189f6b6390c3196696d4e54ea9141bc200cea8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f016301d34ebef95dc93bbcb9bdd112541e23108bc442d9a711923e32476bb
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b55d6c48d818bf6e4b83de21a8d774c8a8b93b8b22d70aefd0d586933c3552d4
b5982308ef0aef7cd0587ad4c040123510cf76a33bfead29fc702f63a58e43fd
b70ef49751b1599d428e460404ffcf1325e89596c212a29b230714a6fa5de0a0
ba0dabef4c53b96e7fdbcb6d5b6b1b21c88175cb7c210e9641545cb0ebb47e8c
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bcbbc0569a5513af0d0e75cc75aabe34467584fd6bf0374fb76b4b52dfb76fd8
bd5ca6295e1febb6987805c2a6e228c955f26ee9f6074c9e8d2fbb46872ff02a
bd85ade60a12a293e444d14028a076bf1ee0d7dccba6b2e7c287d1222e520e5b
bdd7dc76bbaab8db1dd3b2291a9b1b52b1891f1f427984f3ac3c43c85a5044f3
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be0f09525f60408d43c30b1a30f0ae97209dad9fd47c6cd27e73c2129994ebcb
beb14a737c516b807d2071f0aa40327f45f251a47f31c20b1e7d91f69560acd0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b4c2a973b48d7563d75c13eeacb6e1cbaee7dc0128ff65428d624ade66626f
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c4379c2f6961baf3aef6fa79e91ff5303c61f3d1e989b71ad84437b7d46f3b0c
c43f9ab86a22ba17a49c5acc65beff5a768fdfd784275eacd8c47edd0850a4bc
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c72a4a5bfc954189d25783493e889ebd545aab165bfb40e4fc2437b02b1862bf
c877a8f5fa35d65bad6a1e177a1b733c7da89e57fddd60f137e035855dc9e9eb
c99ab6030aaca6a2c5cd756efc7de6157724f35e9e3354261f6620676e0bd61a
c9bd909b4b17a7d10bcbd6780736f50e958a38f903ee10ac2493b481455bd34a
ca2375b6e763c24427c2f71d4b7d615bb85354264ad7c71b6936fe6d869a1df0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb299018945d4762f93f77abaaf56379fe5a7a72bead6e62fd45f8ad26860ea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d381b2e7b9510690c08037c1a08202f153212e6375d21f88d8df266c99a29dad
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6655b41cbbcf5e8a7b3a4cc56375c9bfc3e1fdb7acb76011eccfd72bdd2ae3d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d815f51f45848a7e82cf69b2848e1c820cd5a54a06f043aebdbbdd6880a82e39
d836f0f435dde8a7b0e20ffe39298d69110e92dfd512cf82e141bdccb7e80c5f
d94495353021d00834f432f96ba7d381da54648e8ce7bfb1b7a088579dc7c83e
dbc202af2676cfd32d75e24f188f68e25a607e5da3c0d98f21508965cc64ff7a
dc328c6b028a7c5a3d26c6240dc67f412897a736acd3d13a1a8b0ceba7bab44a
de1c6683fb6aa8c0d5dec9a1bb3d24ec3841dc0debcde3964e31e87bbcff7c27
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e088a8c4a8c133902624533e9326b019c9e551dfe7165fc9ec9fa34cc7776c43
e1c7c42e54cf049811ce2b248d6744f4d5ce1a314d6ab941a002baf3e5472802
e24fdb0d1402261ad8c04b71ab05c93178ead5a10f7ac70e24e5302eb1149959
e29e8cb21e6e794d5730c029d3996dc8e79b0841d7bb32cdd10ae34d4fb64760
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e354deac9bfe8f97695d2bea2c371d512c9868f0171f4864eab07f0d9163de20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5685a906ac5a9cb02a04e6880f0f02c6598b5ec4b23e94d11cc7126df49d311
e640d4c28511f0c940ece453fbaabfd20c35c8c1d704899119f17c233b99e839
e6d76cf44ffeebd401fa3cdd8492719fb0bf4146e413ad9bd561e87605668004
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e828e6ad4d3fd31aff91f5e557efbbd3eb175eecd76de5fd226ceb94406151e2
e8e048884543f0724e4da94d652fde11e91f4b4ef120cfbcf957ed3677747356
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eafa628bbd5d1388123d3dd5aac44bd83c8db3c48523f5b8f3f6cceabc47c412
ec578e9d5a238767db3b742e875957ef59df2493cd0682fbadd54957413495b3
ed15100e0f4a835eefb32d7bf275a17fdeaa4eefff5e412108b944e6b59f40bb
ed6c57d0e48070220a277e03d2d1d02e3b98de6a7e9df5f8f43ebd04bc18c6e4
edc33dafecef60bb1dc6e61e5c57525c57f4fc5bd8b5a1050a4924a6c1073092
ee66fe9aa6fee1805d6f05f32b119ff7d95a81b9d2e8d0c665ab143f27092319
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effb62b6b7b49a86a711b12d0b59d0d622f5598663c54e86e6e2e2ce29a5f4ec
f2a316ba543b2a6c2498ee50399c9bd707fa154a98910698571dfc419bb650b3
f2cbff2d6823039a7888f94c59be9840d97e79a516ae3d318228c612084631c9
f2f1ab3a21f624f57493c8bd60711c545af5d22439dea0db90de22afc9891454
f3034c200bf9012fb72a8438ff25390a5cf3c278bc60050f29392a958895a80d
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f44e99175cb5e0c105ebffb3da8a895065c8e30b1d5fb7fa5a6c30ef74647a3f
f507503841f44ee6ba0104d59b7ce4a80162d2cb809314d6c15fcdf089b0e4d8
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fa083d87572cc8aee44a91f707596e822cecc879457487518ec7b8159059cc3e
fac9f6e48a7939afe4bf02b4008a4faf79dcd1677093a2a9454433b0a8373098
fb9dc03848c094d1766355c11efd8d191fff0723ee1238a710a89443948a4447
fc5e9c3400c0b2ea65eb087adeea806da917a671434182f53c5e704dee14c90f
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

www.painaidii.com Open in urlscan Pro 103.246.17.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

459 Requests

69 %HTTPS

37 %IPv6

56 Domains

101 Subdomains

74 IPs

14 Countries

15539 kBTransfer

21457 kBSize

93 Cookies

9 Outgoing links

Page URL History

Redirected requests

459 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.painaidii.com Open in urlscan Pro
103.246.17.188 Public Scan

Screenshot
Live screenshot

Full Image

459
Requests

69 %
HTTPS

37 %
IPv6

56
Domains

101
Subdomains

74
IPs

14
Countries

15539 kB
Transfer

21457 kB
Size

93
Cookies

459 HTTP transactions
15 data transactions