urlscan.io logo urlscan.io
SecurityTrails logo

engel-orakel.de Open in urlscan Pro
2a00:1158:1000:404::21c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://engel-orakel.de/
Effective URL: https://engel-orakel.de/
Submission: On June 02 via api from KR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 9 countries across 41 domains to perform 319 HTTP transactions. The main IP is 2a00:1158:1000:404::21c, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is engel-orakel.de.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on December 17th 2020. Valid for: a year.
This is the only time engel-orakel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45 2a00:1158:100... 8972 (GD-EMEA-D...)
1 52.222.158.74 16509 (AMAZON-02)
5 142.250.185.130 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 9 34.98.64.218 15169 (GOOGLE)
7 185.86.138.32 201081 (SMARTADSE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 8 185.33.220.145 29990 (ASN-APPNEX)
15 37.157.4.23 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 74.125.140.156 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
6 52.28.163.57 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 2606:4700:20:... 13335 (CLOUDFLAR...)
17 24 142.250.185.98 15169 (GOOGLE)
6 14 2.18.234.21 16625 (AKAMAI-AS)
2 2c0f:fb50:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 37.157.2.248 198622 (ADFORM)
2 142.250.186.34 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.194.175.178 16509 (AMAZON-02)
8 205.185.216.10 20446 (HIGHWINDS3)
2 2.18.233.180 16625 (AKAMAI-AS)
1 2.18.232.130 16625 (AKAMAI-AS)
3 3 185.29.135.233 30419 (MEDIAMATH...)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 4 37.157.4.25 198622 (ADFORM)
2 3 76.223.111.131 16509 (AMAZON-02)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2 213.155.156.182 1299 (TELIANET ...)
11 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 2 51.210.112.63 16276 (OVH)
2 2 52.30.140.199 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.253.128.183 36351 (SOFTLAYER)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 3.126.56.137 16509 (AMAZON-02)
3 3 52.28.120.199 16509 (AMAZON-02)
2 2 54.171.74.241 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
2 4 104.111.239.217 16625 (AKAMAI-AS)
6 6 84.200.5.215 31400 (ACCELERAT...)
2 18.193.98.4 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.185.162 15169 (GOOGLE)
319 51
45    2a00:1158:1000:404::21c (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
engel-orakel.de
1    52.222.158.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-74.cdg52.r.cloudfront.net
cdn-a.yieldlove.com
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
34    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
yieldlove-d.openx.net
us-u.openx.net
eu-u.openx.net
7    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
15    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
a1.adform.net
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
adservice.google.com
7    2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
8    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
27    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    52.28.163.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
tracking.yieldlove-ad-serving.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
26    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
24    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
14    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    2c0f:fb50:4002:806::2003 (Kenya)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
18    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:6e::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5ednsd.c.2mdn.net
2    2a00:1450:4001:6e::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednsd.c.2mdn.net
14    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)
ad4mat.net
2    18.194.175.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
8    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
hm.adform.net
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    52.28.120.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-120-199.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.171.74.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
6    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
cct.connects.ch
cct.gonser.ch
2    18.193.98.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
www.gonser.ch
2    2606:4700::6812:d25f (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
69 googlesyndication.com
pagead2.googlesyndication.com
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
459 KB
45 engel-orakel.de
engel-orakel.de
2 MB
44 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
266 KB
41 adform.net
adx.adform.net
a1.adform.net
s1.adform.net
hm.adform.net
c1.adform.net
899 KB
26 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
299 KB
22 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5ednsd.c.2mdn.net
r2---sn-4g5ednsd.c.2mdn.net
2 MB
17 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
29 KB
14 casalemedia.com
dsum-sec.casalemedia.com
13 KB
10 google.com
adservice.google.com
www.google.com
1 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
24 KB
9 openx.net
yieldlove-d.openx.net
us-u.openx.net
eu-u.openx.net
3 KB
7 smartadserver.com
prg.smartadserver.com
2 KB
6 gonser.ch
cct.gonser.ch
www.gonser.ch
1 KB
6 yieldlove-ad-serving.net
tracking.yieldlove-ad-serving.net
642 B
6 googletagservices.com
www.googletagservices.com
212 KB
4 awin1.com
www.awin1.com
3 KB
4 gstatic.com
csi.gstatic.com
fonts.gstatic.com
31 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
126 KB
2 conrad.ch
www.conrad.ch
895 B
2 connects.ch
cct.connects.ch
478 B
2 everesttech.net
sync-tm.everesttech.net
744 B
2 scoota.co
r.scoota.co
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
964 B
2 crwdcntrl.net
sync.crwdcntrl.net
987 B
2 onaudience.com
pixel.onaudience.com
883 B
2 de17a.com
d5p.de17a.com
634 B
2 quantserve.com
pixel.quantserve.com
939 B
2 agkn.com
d.agkn.com
1 KB
2 ad4mat.net
ad4mat.net
2 google.ch
adservice.google.ch
www.google.ch
1 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 simpli.fi
um.simpli.fi
611 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
369 B
1 google.de
adservice.google.de
799 B
1 googleadservices.com
partner.googleadservices.com
442 B
1 yieldlove.com
cdn-a.yieldlove.com
108 KB
319 41
Domain Requested by
45 engel-orakel.de 1 redirects engel-orakel.de
34 pagead2.googlesyndication.com engel-orakel.de
pagead2.googlesyndication.com
tpc.googlesyndication.com
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
27 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
s0.2mdn.net
24 cm.g.doubleclick.net 17 redirects googleads.g.doubleclick.net
eu-u.openx.net
18 s0.2mdn.net engel-orakel.de
s0.2mdn.net
14 s1.adform.net a1.adform.net
s1.adform.net
engel-orakel.de
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
14 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
14 a1.adform.net 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
s1.adform.net
12 assets.ad4m.at as.ad4m.at
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
engel-orakel.de
10 ad4m.at 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
ad4m.at
8 hm.adform.net 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
8 www.google.com engel-orakel.de
tpc.googlesyndication.com
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
8 ib.adnxs.com 4 redirects cdn-a.yieldlove.com
googleads.g.doubleclick.net
acdn.adnxs.com
7 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 prg.smartadserver.com cdn-a.yieldlove.com
6 simage2.pubmatic.com ads.pubmatic.com
6 tracking.yieldlove-ad-serving.net cdn-a.yieldlove.com
6 www.googletagservices.com pagead2.googlesyndication.com
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
5 image2.pubmatic.com ads.pubmatic.com
4 cct.gonser.ch 4 redirects
4 www.awin1.com 2 redirects as.ad4m.at
4 as.ad4m.at ad4m.at
as.ad4m.at
4 c1.adform.net 3 redirects ads.pubmatic.com
4 eu-u.openx.net 1 redirects cdn-a.yieldlove.com
eu-u.openx.net
4 us-u.openx.net 1 redirects googleads.g.doubleclick.net
eu-u.openx.net
4 securepubads.g.doubleclick.net engel-orakel.de
securepubads.g.doubleclick.net
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 match.adsrvr.org 2 redirects eu-u.openx.net
3 sync.mathtag.com 3 redirects
2 www.conrad.ch as.ad4m.at
2 www.gonser.ch as.ad4m.at
2 cct.connects.ch 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 r.scoota.co 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 ads.pubmatic.com cdn-a.yieldlove.com
ads.pubmatic.com
2 d.agkn.com 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
2 ad4mat.net ad4m.at
2 googleads4.g.doubleclick.net engel-orakel.de
2 r2---sn-4g5ednsd.c.2mdn.net
2 fonts.gstatic.com fonts.googleapis.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 www.google-analytics.com engel-orakel.de
www.google-analytics.com
1 ade.googlesyndication.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com cdn-a.yieldlove.com
1 r3---sn-4g5ednsd.c.2mdn.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.ch engel-orakel.de
1 adservice.google.ch securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 adx.adform.net cdn-a.yieldlove.com
1 hbopenbid.pubmatic.com cdn-a.yieldlove.com
1 yieldlove-d.openx.net cdn-a.yieldlove.com
1 cdn-a.yieldlove.com engel-orakel.de
319 73
Subject Issuer Validity Valid
www.engel-orakel.de
Starfield Secure Certificate Authority - G2		 2020-12-17 -
2021-12-17		 a year crt.sh
cdn-a.yieldlove.com
Amazon		 2020-09-18 -
2021-10-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
tracking.yieldlove-ad-serving.net
R3		 2021-04-26 -
2021-07-25		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-05-25 -
2021-08-03		 2 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
www.gonser.ch
Sectigo RSA Domain Validation Secure Server CA		 2021-02-10 -
2022-02-10		 a year crt.sh
www.conrad.ch
Cloudflare Inc ECC CA-3		 2021-05-17 -
2022-05-16		 a year crt.sh

This page contains 41 frames:

Primary Page: https://engel-orakel.de/
Frame ID: 2B99E0181C0A092FF9ED3887C285B3E4
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: DEF45F518C65018A6419555FDDEC026D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9437261431515303&output=html&adk=3046330955&adf=2044148826&lmt=1622642447&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fengel-orakel.de%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622642447095&bpp=2&bdt=411&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=958423877998&frm=20&pv=2&ga_vid=119150623.1622642447&ga_sid=1622642447&ga_hid=241119780&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1199143921983512&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=119
Frame ID: CE69E255B6D666704A60B2AB6E8ED1EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7BF1077697AEA0032A001ACC6DCB29C9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04862C916A6D9E4ECEBE1DEC21EDA069
Requests: 1 HTTP requests in this frame

Frame: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1852202A2ED61C28E65E78142343B092
Requests: 20 HTTP requests in this frame

Frame: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CBC7D16E66CDF66E303FF85D22C91374
Requests: 20 HTTP requests in this frame

Frame: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 645BAAC387D2003A4B1F3C5E4AFB072C
Requests: 18 HTTP requests in this frame

Frame: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0E39B0CFFC0BB361B594918100EF2F1
Requests: 13 HTTP requests in this frame

Frame: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7CBC4C3DAA80052245F270D157398901
Requests: 13 HTTP requests in this frame

Frame: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0995D2C80F46BF2F11F06E70B90341E2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY6Yb2ZzAB&v=APEucNWnZPHd3NL3srlFC5qqat9vR0tbDFkV-lATk3DfXvv95JhKQC8y7sAvbSUN13ZButmkzpqIAcqoQVRLTWJSzsYpwCG98g
Frame ID: DC33EEEF91443C31BD589D9F5D5873A0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYwez1ZzAB&v=APEucNX-fF6gQ3tlT3QZAFvGuKIdq3c1xJ7tMKNXOUnJBZtxAXy_ybpWEY3vsT2Uqm2IwncGccBFhbBEoJ6oYNnEpZ3AI_oPsA
Frame ID: E9DF751CBE695EB353279BFB3D995016
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNX2aQzYMqPAC9QgkDQnBhD4wQyTrwSsfIXJSbeFCjoDlWgTTP287b19rY0MfZ3FR--yIqehslaNKjtRA45lvI-nM3KWGA
Frame ID: 847256243953CE47819D5C26D6367E8F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNVDyuoSWXkiuFMIriH4f0ugi4Rqnx7ft-UyRpRcQfkeu4I6shrruk4OGH-JmaQegw25fAOE6sqAQsZ32rkFU-CFAMcCsQ
Frame ID: 15FB531A52FF433F9E7D3F88086885B3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
Frame ID: 0A3B804F1B01F2BC05DA0E5DC4E618CD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 12979753D1C31C28BD7FA8B8709D659F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A562568A3EE0257FE9227C6092B23C0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 77324DBD3A3D50599F68126DAF052649
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C382053222294536BFB8B8D635B2FCB
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 73A3CC4E55EEE70A52EB333A7A41B240
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AE9B80C3D94238224E807E92A600BFCF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Frame ID: F95D748D444ADDE49E2245267C1447D9
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AD445F12C5730E8C43C73DBAA415A5A0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB7148E203E0D7C958109C990E3075B5
Requests: 3 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: F8ECFE4E4B2D0139CA6BBB041180AA4F
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: C1366EA60786C88DF49DA8ADC781B5D5
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2040031/7907609/7907609.js?ADFassetID=7907609&bv=3074
Frame ID: B17A9AF14727333CEEB405D836FAAADA
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2040031/7907609/7907609.js?ADFassetID=7907609&bv=3074
Frame ID: D4362AA8E3EFA020F46E87F856C252DC
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Frame ID: 08B4B83BC46EF9D5C41C569A415C9575
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html
Frame ID: 1BC7AE7408F441F2E2F48A5CFE9A25B0
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alpha.min.html
Frame ID: BCB1EB555DD6F020E5874C9787725F3A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6C9904C40C31B31F17DB83D2A10873C6
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C8020FD9BB61C662F55454E08714EA62
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Frame ID: DDF71739C2042899E028FF1E054BE35A
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE
Frame ID: 3872F1CB4FE9A28E2D05794B18405343
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=361730013521623057
Frame ID: E619A90AE223B007308EC47BA5045ADD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 594FABECD6F7E359827462F2C30EEC57
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969196255859505299
Frame ID: 551C455B9E259F8B0DDE55AA8A4745C7
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Frame ID: 1DCA52E2F03E4B090CBE9C07ABFB8678
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Frame ID: F82334F218E69010F8BDA0A94840BB30
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Engel Horoskop | Online Orakel | Kartenlegen mit Engelkarten und Engelorakel - | kostenlos| Engelorakel | Engelkarten | Engelkarte ziehen

Page URL History Show full URLs

  1. http://engel-orakel.de/ HTTP 301
    https://engel-orakel.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

319
Requests

97 %
HTTPS

41 %
IPv6

41
Domains

73
Subdomains

51
IPs

9
Countries

6509 kB
Transfer

9417 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://engel-orakel.de/ HTTP 301
    https://engel-orakel.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsm6r92GWmio7WcjwWZmmQ&google_cver=1
Request Chain 140
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4_9lQOMjwhiFGxFRDEc1o&google_cver=1
Request Chain 143
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Request Chain 167
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIlmYDUqCjLYjRSqFcekq2Q&google_cver=1
Request Chain 169
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4OTMyMTE5ODczNzcwMzQ0Mg%3D%3D
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHguN_r4U5qtG_LfhGXZ3Bo&google_cver=1
Request Chain 171
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDAwYjVmOGUtNzcyMC02MDgzLTQ1YjctMjc1MTk5YTRhZWE1
Request Chain 174
  • https://gcdn.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/27C8EABC6FD672A35E4E84435A2C7B61078ACE63.6A702FC003641BB51982AA35D0093434B46AD553/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/53EC7ADD6075757FCCE74AB4C32EB4B2BF64D8FD.6ECA386E747995EC41D33DD4F07E4E39875B5FC6/key/cms1/cms_redirect/yes/mh/1x/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1622641947/mv/m/mvi/3/pl/50/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/53EC7ADD6075757FCCE74AB4C32EB4B2BF64D8FD.6ECA386E747995EC41D33DD4F07E4E39875B5FC6/key/cms1/cms_redirect/yes/mh/1x/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1622641947/mv/m/mvi/3/pl/50/ir/1/rr/12/file/file.mp4
Request Chain 263
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66d960b7-8f12-4100-a7b0-99373a6902d3
Request Chain 265
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Ks0KsSSbWbQxzl6yJJxF4i3LUbcxyQnjf8hBLRo7
Request Chain 266
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3100427437163623652
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDg0NWUzYmEtMWUzOS02ZDhhLTZlODEtNjBkZTYxNDZhMjJj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDg0NWUzYmEtMWUzOS02ZDhhLTZlODEtNjBkZTYxNDZhMjJj&google_tc=
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYuMerP9oluqhU_FZUzGJ4&google_cver=1
Request Chain 271
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 273
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=361730013521623057
Request Chain 275
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969196255859505299
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Trrp_VhrSkijMG1s5TGq3g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 277
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=66d960b7-8f12-4100-a7b0-99373a6902d3
Request Chain 278
  • https://pixel.onaudience.com/?partner=214&mapped=4EBAE9FD-586B-4A48-A330-6D6CE531AADE HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4c1dc40ef2dcfe40b8891255006257c4 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=d63cdb1a15f877e0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c337b70-a14a-4841-6143-d28542d56706&reqId=f6fb26eb-9b62-46b4-72c9-ce6cc05f8faf&zcluid=d63cdb1a15f877e0&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJ_I0vfZw-N_Cq1TUd-FW1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c337b70-a14a-4841-6143-d28542d56706&reqId=f6fb26eb-9b62-46b4-72c9-ce6cc05f8faf&zcluid=d63cdb1a15f877e0&zdid=1332
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEVCQUU5RkQtNTg2Qi00QTQ4LUEzMzAtNkQ2Q0U1MzFBQURF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBbnMGhH5KYAl2zHiIVEkiQ&google_cver=1
Request Chain 282
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2858328732030527945
Request Chain 283
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:66d960b7-8f12-4100-a7b0-99373a6902d3&gdpr=0&gdpr_consent=
Request Chain 284
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7a9e7267-0cb6-48b8-b6dc-0c1c83168882
Request Chain 285
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3882945042946080641&gdpr=0&gdpr_consent=
Request Chain 287
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tcBYg1E2uXr4hkX_FbIFfSh2DMjjYM-~A&gdpr=0&gdpr_consent=
Request Chain 288
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l9gm8pmOdfeM23LxmYlpoZDeffSM3CWgwt2C52m0
Request Chain 289
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=05d06418-f8c4-49e5-b0cf-5678c69e0dae&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68307235-481e-4433-8743-e91ae5157e77&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 290
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLePEgABRY3qiQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLePEgABRY3qiQBg&gdpr=0&gdpr_consent=&_test=YLePEgABRY3qiQBg
Request Chain 305
  • https://cct.connects.ch/tpv.php?t=117617V1843154155B&subid=oneidpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXBoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://cct.gonser.ch/tpv.php?t=117617V1843154155B&subid=oneidpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXBoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0&sdtr=1 HTTP 302
  • https://cct.gonser.ch/images/spacer.gif HTTP 302
  • https://www.gonser.ch/
Request Chain 308
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkXoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW
Request Chain 316
  • https://cct.connects.ch/tpv.php?t=117617V1843154155B&subid=oneid4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64oneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://cct.gonser.ch/tpv.php?t=117617V1843154155B&subid=oneid4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64oneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0&sdtr=1 HTTP 302
  • https://cct.gonser.ch/images/spacer.gif HTTP 302
  • https://www.gonser.ch/
Request Chain 319
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkXoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW

319 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
engel-orakel.de/
Redirect Chain
  • http://engel-orakel.de/
  • https://engel-orakel.de/
85 KB
86 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.23
Resource Hash
44dce0f645d64eaa6d0f5aaf5b600594939d112429d6eef3a8c87e6ce4d7b163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
engel-orakel.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Server
Apache
Cache-Control
must-revalidate, no-cache, no-store, private
x-powered-by
PHP/7.3.23
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Contao-Cache
miss
Age
0
Set-Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; path=/; secure; httponly csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A; path=/; secure; httponly; samesite=lax
Content-Length
86996
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Server
Apache
x-powered-by
PHP/7.3.23
Referrer-Policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
Contao-Cache
miss
Location
https://engel-orakel.de/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
engel-orakel.de/assets/css/ 		248 KB
248 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
42a1755320f92a30d62f5b5fdedca636faa827e8a13b951d69529040659c62f1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:04 GMT
Server
Apache
ETag
"3dee7-5bd41fc25c5ce"
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
253671
jquery.min.js,modernizr-2.6.2.min.js-a7671dc3.js
engel-orakel.de/assets/js/ 		101 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/assets/js/jquery.min.js,modernizr-2.6.2.min.js-a7671dc3.js
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
9d0194f9dbd62690e0ea618eee10ac2c66e4a4649bc3abde1bca8bfd4f8695e2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:04 GMT
Server
Apache
ETag
"19236-5bd41fc25c5ce"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
102966
cookie-bar.css
engel-orakel.de/bundles/marketingsuite/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/bundles/marketingsuite/css/cookie-bar.css
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
0f0183a84dde72164b45de0ca8d50e3f2a76245eb0a8d3e16e7d0930f72c9843

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Mon, 08 Mar 2021 10:19:18 GMT
Server
Apache
ETag
"b97-5bd03c4365580"
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2967
yieldlove-bidder.js
cdn-a.yieldlove.com/ 		367 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-74.cdg52.r.cloudfront.net
Software
/ Express
Resource Hash
703693c78bd9d40767889804c252a583a336bbd5316b37ad491e2efb653a30f2

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 12:46:30 GMT
content-encoding
gzip
etag
"5bb8a-OnQEtGw9RLnLaUs3Yk+eWyia4I0"
age
4456
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
cdmUuG9JBdOg5T-kSh-2p_w318-LfWigLO41deW3uoMNwHKC3304dA==
via
1.1 c554699ee704a19f7545cb8005037199.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
273db84cdb98a17d2f73f3d664008e721d350acef40f3e68d944fc3f53832abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"890 / 824 of 1000 / last-modified: 1622632646"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21250
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:46 GMT
engel-orakel-engelkarte-ziehen.jpg
engel-orakel.de/files/engelorakel/header/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/header/engel-orakel-engelkarte-ziehen.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
55487b181bed423c75d4190f83de033a68ea829b82020033b84e4b4d1acf2e04

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 24 Jul 2018 14:12:17 GMT
Server
Apache
ETag
"1b6d1-571bf5973b240"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
112337
engel-orakel-logo.png
engel-orakel.de/files/engelorakel/design/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/design/engel-orakel-logo.png
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
4319777be101e52d0b11a5e31cbb19c8c4f8051dbefafbba6652dffc4c18be1a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Mon, 23 Jul 2018 19:29:50 GMT
Server
Apache
ETag
"120d1-571afab420780"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
73937
engel-orakel-lebenshilfe.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-orakel-lebenshilfe.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e8323947c3814299b6ffb638f9507e405681934f189496dd4926d2face15d766

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 07 Aug 2018 08:18:37 GMT
Server
Apache
ETag
"572b-572d40a6b7140"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22315
engel-neuigkeiten-news.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-neuigkeiten-news.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
5f6e1968a7c582ce78c3539a0ce67fec1fbbcd7c4004f5ee05d55e6e0df09eee

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Mon, 12 Nov 2018 21:07:57 GMT
Server
Apache
ETag
"59cd-57a7e18608540"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
22989
engelkarte-ziehen-tageskarten.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engelkarte-ziehen-tageskarten.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
12ecd08cb26fb43773052706e7037c79ed54506d196c84549f0f5605980d99eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:54 GMT
Server
Apache
ETag
"5307-573053f162580"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21255
engel-ja-nein-orakel.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-ja-nein-orakel.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
b27ba46ad704cbf0c522e26ba619cee2dd1ab53a798b167419900bcd0968a8a4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Sat, 18 Apr 2020 18:19:15 GMT
Server
Apache
ETag
"637a-5a394b41444f8"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
25466
engelkerzen-online-anzuenden.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engelkerzen-online-anzuenden.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
d550da1de4a2ee8124c7b8f50f456f8f56291433150c6e8e3751147c90ea37b1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Fri, 10 Aug 2018 17:35:19 GMT
Server
Apache
ETag
"5b07-573182adba3c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
23303
engel-memory.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-memory.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
4a7a5612685a08000af2945cfe9dce505945ccea47c725e635b21578fc55aa3f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Fri, 10 Aug 2018 09:12:53 GMT
Server
Apache
ETag
"5efa-5731126042f40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
24314
wochen-horoskop.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/wochen-horoskop.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
a34f5f9c88161f572fe8de5bb5a9f462c7683a5f9a3adeaa03c85dee8f6e22e0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:57 GMT
Server
Apache
ETag
"6242-573053f43ec40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
25154
engelorakel-online-kostenlos.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engelorakel-online-kostenlos.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
99bb22ac916a05dd9c7abff4bdccf9f8962b07d1f0aa74b139ed41ba4e14bba0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Fri, 10 Aug 2018 13:39:21 GMT
Server
Apache
ETag
"5e6b-57314def9b440"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
24171
engelkarten-einzelbedeutung.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engelkarten-einzelbedeutung.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
4765118fee8e0a9cc9b83c9fd2204461b6d9068c431a21cc31d1490d189855ae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:54 GMT
Server
Apache
ETag
"5c3c-573053f162580"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
23612
engel-shop.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-shop.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
98eed1c77051dd9176d6079c51760483b3e45f31ab777c0d8912a3787aff2301

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 04 Sep 2018 11:08:02 GMT
Server
Apache
ETag
"67cb-57509abdb8880"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
26571
engel-shop-geschenke.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-shop-geschenke.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
2e74b92c19c3724ec401a51e109fade305ea8e6f556f9c9d9eee6ca7f83558c8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:56 GMT
Server
Apache
ETag
"5e72-573053f34aa00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
24178
engel-shop-karten-kaufen.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-shop-karten-kaufen.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
d6f63c530ef07928f2a44c22ba2a9b736702f4aac31baa2821a52682368476bb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:56 GMT
Server
Apache
ETag
"6259-573053f34aa00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
25177
engel-shop-schmuck-kaufen.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-shop-schmuck-kaufen.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
d626fb9452f42746173bd16800ead95a42ed47314068323019e4ea52c106cf7e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:57 GMT
Server
Apache
ETag
"624e-573053f43ec40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
25166
engel-shop-meditation-musik.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-shop-meditation-musik.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
7af34b1d126d117c4c56d456b278da2aa98cd9eba22c7123f4f9cbaaf04be8f8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Fri, 02 Nov 2018 10:57:12 GMT
Server
Apache
ETag
"5a3c-579ac65c07200"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
23100
engel-shop-buecher.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/engel-shop-buecher.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
2e947aa82625d42bd337f9e5f491ca29f8091bdd95e4369306cc44caa19659d1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:00:55 GMT
Server
Apache
ETag
"5f50-573053f2567c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
24400
ueber-die-engel.jpg
engel-orakel.de/files/engelorakel/engel-kategorie/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/engel-kategorie/ueber-die-engel.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
b259eaed7bbd20e6276267e341dfda4a067a5d964374a7c04b900299cea34ed2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 09 Aug 2018 19:40:17 GMT
Server
Apache
ETag
"489e-57305cbeeaa40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18590
kerze-gruen1.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-gruen1.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
91f18fa78c5d9401e9d15f156ab164ea64c043c522ffd27eed303c9f5c53928a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:37 GMT
Server
Apache
ETag
"4115-573627a283d40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
16661
kerze-weiss1.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-weiss1.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
b782edf575a692fd9d171bead2371d1189c21b34d1493614c8a8feac29c9a084

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:48 GMT
Server
Apache
ETag
"45be-573627ad01600"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
17854
kerze-pink2.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-pink2.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
10f925d5fdaef6d8572fba84344a1601fbaa2fa87132544132a140da79cd469a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:40 GMT
Server
Apache
ETag
"4148-573627a560400"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
16712
kerze-rot3.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-rot3.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
68a6cdb614e361f4e0f07268bf7296f4836efeaf0affd39f4d465c7d19293515

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:42 GMT
Server
Apache
ETag
"4151-573627a748880"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16721
kerze-gruen4.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-gruen4.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
599edbddae84c456469a9b9ff96d2e698c698356cb4f6a0cd0c16c4593b9a5de

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:38 GMT
Server
Apache
ETag
"403e-573627a377f80"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16446
kerze-gruen5.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-gruen5.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
91f15d3482b1fb7f5dbad9d244a46591a90baf83d946e2b7d6b606871f88cc0c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:38 GMT
Server
Apache
ETag
"523c-573627a377f80"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
21052
kerze-weiss5.gif
engel-orakel.de/files/engelorakel/friedenskerzen/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/kerze-weiss5.gif
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
8283471b09655ce0aa6cd9766e1b23d5de1398c8869588ba7692fdc464a01d3a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Tue, 14 Aug 2018 10:14:49 GMT
Server
Apache
ETag
"5494-573627adf5840"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
21652
engelkerze-online-anzuenden.jpg
engel-orakel.de/files/engelorakel/friedenskerzen/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/friedenskerzen/engelkerze-online-anzuenden.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
12737d46868dfaf122a6501be374f5277680e76cc2ea2b06dd219cc24c3e7261

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Fri, 10 Aug 2018 18:25:28 GMT
Server
Apache
ETag
"3d69-57318de355600"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
15721
engelorakel-ja-nein-orakel-3523a194.jpg
engel-orakel.de/assets/images/4/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/4/engelorakel-ja-nein-orakel-3523a194.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
26a3d842e5828f779fbd19a127963d8a7936c3cd9c14147d0f52c9aa44e7a87e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:00 GMT
Server
Apache
ETag
"3ef9-5bd41fbe56196"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
16121
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
519e7eb4cb5c041d430896b12022586b5e6f113d91a459511e5fdd046d107c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48406
x-xss-protection
0
server
cafe
etag
4803332960857302342
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:00:46 GMT
engelkerzen-online-anzuenden-e8a551c6.jpg
engel-orakel.de/assets/images/6/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/6/engelkerzen-online-anzuenden-e8a551c6.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
7a155d0a3a573f708cbc42c43a378a77ce49cb3255040f8657bf2eca6ddf3e41

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:01 GMT
Server
Apache
ETag
"9ce-5bd41fbf9faf9"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2510
engelorakel-online-kostenlos-ed21f13a.jpg
engel-orakel.de/assets/images/9/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/9/engelorakel-online-kostenlos-ed21f13a.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
f057e34464cc6a3ac53f29f643da76366c49aed31fdea85a8f8e66e9a07c7bf7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:01 GMT
Server
Apache
ETag
"ab1-5bd41fbfb5a88"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2737
engel-ja-nein-orakel-88189a56.jpg
engel-orakel.de/assets/images/8/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/8/engel-ja-nein-orakel-88189a56.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
37e9f465fbb939403dad32ae05f527bd6ce5503f3d7dc21f2915fda56d6b566d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:01 GMT
Server
Apache
ETag
"aa7-5bd41fbfb5a88"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
2727
engel-shop-35e87236.jpg
engel-orakel.de/assets/images/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/1/engel-shop-35e87236.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
45303fe5e631e65eb5972dd24d6cdcb289a39c1119ab1f06a791a8c62d6ce75f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:01 GMT
Server
Apache
ETag
"a68-5bd41fbfbf6c8"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2664
engelkarte-ziehen-tageskarten-60ddfd50.jpg
engel-orakel.de/assets/images/2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/2/engelkarte-ziehen-tageskarten-60ddfd50.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
a8201aec2d9a0e97fbb2bf70209e9b88e4468f4353d9aa132d74801b7b391f63

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:01 GMT
Server
Apache
ETag
"8f6-5bd41fbfb3378"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
2294
engelkarten-einzelbedeutung-e00d7722.jpg
engel-orakel.de/assets/images/4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/assets/images/4/engelkarten-einzelbedeutung-e00d7722.jpg
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
add9cb54a3d4d53f3549b6f5529b9fddb8f8d9fe0323a520576c2b9350937f74

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Thu, 11 Mar 2021 12:33:01 GMT
Server
Apache
ETag
"a45-5bd41fbf95eba"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
2629
colorbox.min.js
engel-orakel.de/assets/colorbox/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/assets/colorbox/js/colorbox.min.js?v=1.6.6
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
5fc4470b0913df7876ddfeda8ceb69dec8250a932a7ca2ad15b6b5b4b7933aa6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Fri, 01 May 2020 15:29:20 GMT
Server
Apache
ETag
"326b-5a497d854b400"
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12907
script.js
engel-orakel.de/files/oneo/js/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/files/oneo/js/script.js
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
45b536f026aaec6990ad1d29304453365e84392d520e2adc4d0473a2618b763d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://engel-orakel.de/
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Sun, 18 Aug 2019 18:15:30 GMT
Server
Apache
ETag
"7915-59068355f7480"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
30997
open-sans-v15-latin-regular.woff2
engel-orakel.de/files/oneo/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/files/oneo/fonts/open-sans-v15-latin-regular.woff2
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://engel-orakel.de
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Origin
https://engel-orakel.de
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Wed, 18 Jul 2018 13:37:18 GMT
Server
Apache
ETag
"36e0-57146294b3f80"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14048
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2963
date
Wed, 02 Jun 2021 13:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 02 Jun 2021 15:11:23 GMT
arj
yieldlove-d.openx.net/w/1.0/ 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yieldlove-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fengel-orakel.de%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=00384574-2c01-4477-ae78-8096503fd03d%2C090691f9-f117-436f-9875-577c1918b696%2C0a488d00-0955-41b9-b974-2205794cdf7e%2C199e9d0b-a672-4bd9-a48c-c96a1638f549%2Cffecfe58-35ad-46ed-bdd9-d67db9e66d3e%2C6d00f209-c4b1-45ed-9ea3-08c219d74827%2C17dc9317-7948-4416-bb15-77f4417b2f38&nocache=1622642446878&aus=160x600%2C120x600%7C300x600%2C200x600%2C160x600%2C120x600%2C300x250%2C200x200%2C250x250%7C336x280%2C300x250%7C728x90%7C728x90%7C970x250%2C970x90%2C800x250%2C770x250%2C728x90%7C970x250%2C970x90%2C800x250%2C770x250%2C728x90&divIds=%252F53015287%252Fengel-orakel.de_d_160x600_1%2C%252F53015287%252Fengel-orakel.de_d_300x600_1%2C%252F53015287%252Fengel-orakel.de_d_336x280_1%2C%252F53015287%252Fengel-orakel.de_d_728x90_1%2C%252F53015287%252Fengel-orakel.de_d_728x90_2%2C%252F53015287%252Fengel-orakel.de_d_970x250_1%2C%252F53015287%252Fengel-orakel.de_d_970x250_2&auid=540581102%2C540581037%2C540581109%2C540581058%2C540606616%2C540581021%2C540581036
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
bded46cf7cb5ec9b3fffc77623e5226fc50daf544504dfb9b586871cf94c1342

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://engel-orakel.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
1445
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:46 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://engel-orakel.de
date
Wed, 02 Jun 2021 14:00:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:46 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid
a73e6818-4faf-44ff-8035-716bef046afe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://engel-orakel.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		35 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY0MDk4MSZ0cmFuc2FjdGlvbklkPTAwMzg0NTc0LTJjMDEtNDQ3Ny1hZTc4LTgwOTY1MDNmZDAzZA%3D%3D&bWlkPTY0MDk2MCZ0cmFuc2FjdGlvbklkPTA5MDY5MWY5LWYxMTctNDM2Zi05ODc1LTU3N2MxOTE4YjY5Ng%3D%3D&bWlkPTY0MDk4MCZ0cmFuc2FjdGlvbklkPTBhNDg4ZDAwLTA5NTUtNDFiOS1iOTc0LTIyMDU3OTRjZGY3ZQ%3D%3D&bWlkPTY0MDk4MiZ0cmFuc2FjdGlvbklkPTE5OWU5ZDBiLWE2NzItNGJkOS1hNDhjLWM5NmExNjM4ZjU0OQ%3D%3D&bWlkPTY0NTEwOSZ0cmFuc2FjdGlvbklkPWZmZWNmZTU4LTM1YWQtNDZlZC1iZGQ5LWQ2N2RiOWU2NmQzZQ%3D%3D&bWlkPTY0MDkyOSZ0cmFuc2FjdGlvbklkPTZkMDBmMjA5LWM0YjEtNDVlZC05ZWEzLTA4YzIxOWQ3NDgyNw%3D%3D&bWlkPTY0MDk1OSZ0cmFuc2FjdGlvbklkPTE3ZGM5MzE3LTc5NDgtNDQxNi1iYjE1LTc3ZjQ0MTdiMmYzOA%3D%3D&pt=gross&stid=32dca6b5-9a2f-49f4-a186-86c484ea2e1a&fd=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3626dfe8af785e89e204420120086c24ec6f8b72c320fb2500745b0f47893f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
35
expires
-1
rocksolid-icons.woff
engel-orakel.de/files/oneo/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/files/oneo/fonts/rocksolid-icons.woff
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
14dc68a6a36ac58118d04a63826c9f9ef98c16aed08df65c749b47ff82217330

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://engel-orakel.de
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Origin
https://engel-orakel.de
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Sun, 18 Aug 2019 18:15:30 GMT
Server
Apache
ETag
"a940-59068355f7480"
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
43328
open-sans-v15-latin-700.woff2
engel-orakel.de/files/oneo/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/files/oneo/fonts/open-sans-v15-latin-700.woff2
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://engel-orakel.de
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Origin
https://engel-orakel.de
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Wed, 18 Jul 2018 13:37:12 GMT
Server
Apache
ETag
"3980-5714628efb200"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
14720
the-girl-next-door-v8-latin-regular.woff2
engel-orakel.de/files/oneo/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://engel-orakel.de/files/oneo/fonts/the-girl-next-door-v8-latin-regular.woff2
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
fb72b02eb35fb8bd913463acd11cad1e00fe85b69a343d374d38b25c45d68f46

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://engel-orakel.de
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
Connection
keep-alive
Origin
https://engel-orakel.de
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:46 GMT
Last-Modified
Wed, 18 Jul 2018 13:34:44 GMT
Server
Apache
ETag
"57b8-57146201d6500"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
22456
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=241119780&t=pageview&_s=1&dl=https%3A%2F%2Fengel-orakel.de%2F&ul=en-us&de=UTF-8&dt=Engel%20Horoskop%20%7C%20Online%20Orakel%20%7C%20Kartenlegen%20mit%20Engelkarten%20und%20Engelorakel%20-%20%7C%20kostenlos%7C%20Engelorakel%20%7C%20Engelkarten%20%7C%20Engelkarte%20ziehen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1265147298&gjid=2116691829&cid=119150623.1622642447&tid=UA-119750620-12&_gid=412187602.1622642447&_r=1&_slc=1&z=371472891
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg-footer.png
engel-orakel.de/files/engelorakel/design/ 		334 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engel-orakel.de/files/engelorakel/design/bg-footer.png
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:404::21c Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e624ecea3d3f80486e2d57e869b32f359911961e92ac8bec33ab95ac0dc7e330

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
engel-orakel.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
Cookie
PHPSESSID=4f8d4c1e61d07cd399eb0bfe59915575; csrf_https-contao_csrf_token=6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A; _ga=GA1.2.119150623.1622642447; _gid=GA1.2.412187602.1622642447; _gat=1
Connection
keep-alive
Referer
https://engel-orakel.de/assets/css/icons.min.css,colorbox.min.css,normalize.css,icons.css,main.css,...-5545c008.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:47 GMT
Last-Modified
Tue, 20 Nov 2018 12:21:30 GMT
Server
Apache
ETag
"53726-57b17ac602680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
341798
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/ 		233 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87751
x-xss-protection
0
server
cafe
etag
1549945764410104263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:00:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame DEF4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210525/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 02 Jun 2021 01:21:09 GMT
expires
Wed, 16 Jun 2021 01:21:09 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
cache-control
public, max-age=1209600
age
45578
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		4 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-119750620-12&cid=119150623.1622642447&jid=1265147298&gjid=2116691829&_gid=412187602.1622642447&_u=YEBAAEAAAAAAAC~&z=1904185736
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Jun 2021 14:00:47 GMT
content-type
text/plain
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=engel-orakel.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=engel-orakel.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		131 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1199143921983512&correlator=11891929088473&output=ldjh&impl=fifs&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=53015287%2Cengel-orakel.de_d_970x250_1%2Cengel-orakel.de_d_970x250_2%2Cengel-orakel.de_d_336x280_1%2Cengel-orakel.de_d_728x90_2%2Cengel-orakel.de_d_160x600_1%2Cengel-orakel.de_d_300x600_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%2C970x250%2C336x280%2C728x90%2C160x600%2C300x600&prev_scp=yieldlove_reload%3Dpid%253A17753.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A17753.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A17753.po%253Adefault%26yieldlove_meta%3Dpid%253A17753.sb%253Af%26yieldlove_pid%3D17753%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fengel-orakel.de_d_970x250_1%7Cyieldlove_reload%3Dpid%253A17755.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A17755.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A17755.po%253Adefault%26yieldlove_meta%3Dpid%253A17755.sb%253Af%26yieldlove_pid%3D17755%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fengel-orakel.de_d_970x250_2%7Cyieldlove_reload%3Dpid%253A17756.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A17756.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A17756.po%253Adefault%26yieldlove_meta%3Dpid%253A17756.sb%253Af%26yieldlove_pid%3D17756%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fengel-orakel.de_d_336x280_1%7Cyieldlove_reload%3Dpid%253A18012.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A18012.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A18012.po%253Adefault%26yieldlove_meta%3Dpid%253A18012.sb%253Af%26yieldlove_pid%3D18012%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fengel-orakel.de_d_728x90_2%7Cyieldlove_reload%3Dpid%253A17757.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A17757.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A17757.po%253Adefault%26yieldlove_meta%3Dpid%253A17757.sb%253Af%26yieldlove_pid%3D17757%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fengel-orakel.de_d_160x600_1%7Cyieldlove_reload%3Dpid%253A17754.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A17754.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse%26yieldlove_ab%3Dpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A17754.po%253Adefault%26yieldlove_meta%3Dpid%253A17754.sb%253Af%26yieldlove_pid%3D17754%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D%252F53015287%252Fengel-orakel.de_d_300x600_1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622642447&dt=1622642447167&dlt=1622642446684&idt=425&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C200%2C240%2C240%2C1160%2C1160&adys=371%2C855%2C1784%2C8230%2C1261%2C1825&adks=346143110%2C1227044352%2C1536005744%2C3544399319%2C2092509882%2C3975952725&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fengel-orakel.de%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x16%7C1200x16%7C880x16%7C880x16%7C240x15%7C240x15&msz=1200x0%7C1200x0%7C880x0%7C880x0%7C240x0%7C240x0&ga_vid=119150623.1622642447&ga_sid=1622642447&ga_hid=241119780&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
0d6656b036c45de84efb1ede94ea26c62ba22f8cc788eefcafd1331f95997644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39470
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://engel-orakel.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-119750620-12&cid=119150623.1622642447&jid=1265147298&_u=YEBAAEAAAAAAAC~&z=1702210259
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-119750620-12&cid=119150623.1622642447&jid=1265147298&_u=YEBAAEAAAAAAAC~&z=1702210259
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=engel-orakel.de&callback=_gfp_s_&client=ca-pub-9437261431515303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f3d60f540437cf3c93eb4b1aeb5644ff45be79d74cf873c0d774515aa042cd4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fengel-orakel.de%2F&tn=DIV&cls=mod_cms_accept_tags%20block&ign=false
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=engel-orakel.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=engel-orakel.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CE69 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9437261431515303&output=html&adk=3046330955&adf=2044148826&lmt=1622642447&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fengel-orakel.de%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622642447095&bpp=2&bdt=411&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=958423877998&frm=20&pv=2&ga_vid=119150623.1622642447&ga_sid=1622642447&ga_hid=241119780&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1199143921983512&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9437261431515303&output=html&adk=3046330955&adf=2044148826&lmt=1622642447&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fengel-orakel.de%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622642447095&bpp=2&bdt=411&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=958423877998&frm=20&pv=2&ga_vid=119150623.1622642447&ga_sid=1622642447&ga_hid=241119780&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1199143921983512&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 02 Jun 2021 14:00:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 02-Jun-2021 14:15:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 14:00:47 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd5eda47e0f456e44c58fee0a61bd6d825143b60d8d4d68873eb6d46866ef05d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8228
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9437261431515303&plah=engel-orakel.de&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7BF1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 02 Jun 2021 12:52:57 GMT
expires
Thu, 02 Jun 2022 12:52:57 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4070
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0486 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01e3b5e22cde0ddc2b04e618ad109ee24c5948565f839935d4a436b8d701611b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l5SG3pNcqsZo/6gxrGKF7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

expires
Wed, 02 Jun 2021 14:00:47 GMT
date
Wed, 02 Jun 2021 14:00:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-l5SG3pNcqsZo/6gxrGKF7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 7BF1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16933
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210525&jk=1199143921983512&bg=!-fql-r7NAAaMan2LjGo7ACkAdvg8WiK-rmEv36lrRxSTsRA23WrI6OXeyPH3pKSBATQ3TdLAgm_XBgIAAABWUgAAAAtoAQcKAHLiEIkiyHcHHTwWFW8S7Q1ScKT2qEvv6Mx9UkeZDqe9dJcMDr0u--if2xy7udgV4tZRIqWQQLqgRmmR89kBnsePv25oYMPAi5I_iVPUyVq3L1jakM032KCR4Q725fsWm7y34if79bVISFfow3fT8cSXBbSZAlI5JRfbEc-jdTm-xG9wfzECFH62oJ0uI8LGgFPwRzPDV9d65oykvviyk9odX6h5weQ46olWdki-ZsooJf_wwWOXpFhFVGl1Z2ki2C4yeZhb3mMXAyx946yEOL_61pQqk52B8EPSA1GijfuC3yuaLJ5rGtyfHe0KNBG0y0QV2Z-w60yd81rDnf0xXEQ0LHqgA30HvCqCYL7-JZBvHuc_sCLXqS7Vh9dfUthCh8DcEA5HyAD2HQ2oghnz6Kvtiw-m9vBxWEZgXxMDz-Pk7Lt6vxZzpkSmnnJC02seb0Fut53AAZuOwMPqqOXNZeOCFfGJbNsoAuIu54LK-2ftHu2dl5GzJh3yOBtMj0Rd2olUUlb0K1NStUKOeWthkJkoVAxrgIbwk7ZknQAamqI0xxWYqKOPvNMctJ2VD16m7W8d1NHzUNtqXl7D1srCm7XQ6XJ7NK81zq71-Ys-2uoeiC8sNaI-USaXW6OtstzXZURpoab4SHKgLPnz1f2rzij9qA7XOwU4qaxDOxikJud2WDA-jnrWRajPBaUBYgPJfVnntLNYNX3RHa4RFAA-gx3iGONhDxQIVX4_rfzGavJ9XXXVFcE1pIvJqDNrYIUo5V3rTfshDUR3ppT6tVRWklxss9TH8Cup1DLD6WuHB88sBiTxoq-UP0utVcxq3rQbmolISeE5-ELTFY0SUZnx7O83mCFu6ZKmbQZUKYu485wnptunYV4HnPURHSwYwaAo7aWbarbdQJrxAVL7oitVti1Qu6sqkyvls_n7i2NpCgT7BSaSesMr5Ns
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1852 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 14:00:47 GMT
expires
Thu, 02 Jun 2022 14:00:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CBC7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 14:00:47 GMT
expires
Thu, 02 Jun 2022 14:00:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hb2.php
tracking.yieldlove-ad-serving.net/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 14:36:27 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/plain;charset=UTF-8
hb2.php
tracking.yieldlove-ad-serving.net/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 14:36:27 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/plain;charset=UTF-8
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 645B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 14:00:47 GMT
expires
Thu, 02 Jun 2022 14:00:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C0E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 14:00:47 GMT
expires
Thu, 02 Jun 2022 14:00:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7CBC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 14:00:47 GMT
expires
Thu, 02 Jun 2022 14:00:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0995 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 02 Jun 2021 14:00:47 GMT
expires
Thu, 02 Jun 2022 14:00:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hb2.php
tracking.yieldlove-ad-serving.net/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 14:36:27 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/plain;charset=UTF-8
hb2.php
tracking.yieldlove-ad-serving.net/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 14:36:27 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/plain;charset=UTF-8
hb2.php
tracking.yieldlove-ad-serving.net/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 14:36:27 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/plain;charset=UTF-8
hb2.php
tracking.yieldlove-ad-serving.net/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.yieldlove-ad-serving.net/hb2.php
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.28.163.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-163-57.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a

Request headers

Referer
https://engel-orakel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 02 Jun 2021 14:36:27 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
text/plain;charset=UTF-8
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 645B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:58:37 GMT
css
fonts.googleapis.com/ Frame 645B 		8 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 12:56:01 GMT
server
ESF
date
Wed, 02 Jun 2021 14:00:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Jun 2021 14:00:47 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/ Frame 645B 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.css
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 06:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28268
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 26 May 2021 15:26:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 06:09:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/ Frame 645B 		352 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c1928faa8d6d02957353b3d37ef93f1807b952d66f209b3ca5a7da823cd487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 11:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94390
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125173
x-xss-protection
0
last-modified
Wed, 26 May 2021 15:26:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 11:47:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 645B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:59:35 GMT
l
www.google.com/ads/measurement/ Frame 645B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTolmyarfV3a8iy4dw6wRrBuc4BUbOwP_hgqSFj3IGvbQQca-w7b3XHCN_A8EMsIdO099R1
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame DC33 		478 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY6Yb2ZzAB&v=APEucNWnZPHd3NL3srlFC5qqat9vR0tbDFkV-lATk3DfXvv95JhKQC8y7sAvbSUN13ZButmkzpqIAcqoQVRLTWJSzsYpwCG98g
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CICHEhCs1xMY6Yb2ZzAB&v=APEucNWnZPHd3NL3srlFC5qqat9vR0tbDFkV-lATk3DfXvv95JhKQC8y7sAvbSUN13ZButmkzpqIAcqoQVRLTWJSzsYpwCG98g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 14:00:47 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUk1fMdD0SxMc-aob19DPQQ48V4QvOZPZ8xxyS6baaeeM8kmeFGG-T-j7Xov; expires=Mon, 27-Jun-2022 14:00:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 14:00:47 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C0E3 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CT8fYkdfiY4QZsjqeXjdvVsi3K4y-pSbsYAoUDgztdJYFkKeFo-C8rB2RA2F1_CiXSE9OvSODBn-baxmQLinVDI4ZwzSZOtbbpr1_LaC_l_wGS97rkF2oTX7kOB1v5kLUUwFV_O2IEydLUm3jd7qEXmvE9yg&cry=1&dbm_d=AKAmf-CpPYyLYMQ1MOB48yHSKfpi2VbHVpR2AhemEnSrVuW4XiRjeos3JyZiP-KAVLZH-5NmDJBPc77z_NPsKTa2waO0lJL3wMTng-qWL8O2t4YnsBi5MsBpZv5Jl55sxXi3uAidXJRRpGwpm2MT2x0AcyGLNdDfEjC966E37gNKuoBtDXpHNf6oHwCP-VsQaS3JtZgaGCUwuvOgQWXw72YJCK2pw0ebz27QiUT2S7QDxatfM6cJHJbs5iq2gigbFolGUgehuxd8KBOHzB5khXuuIJeAuEJUxOZkqfr6M-D7AUXjJXo22j7i0NBmIWqhiApGCVHBDqoMUqj0uRaEKtefHaoXQ6Embyl4ICNprUy_30UC1dFkV_jbQmJoNswzizQ3OWhtz34O9lo3MvTzjFQ4lLDmPOVyP1N1O6p4NLzYxlRurihZ1u7nBjEMduJ9kTygmcnipGzVuZ6kChhQI3_CEgyT9M7n9aPVvI5ZzWw1WsC403jGNvyG7XpCy68kpS68bTIsmWiWBTXJK3oTxThu-d8OXavoKNmoOwVxnw6NtWU0ovP9gBI6XUrUOS3F1GKy95xdEPovydaPiVMQxOx37a0RDFdA1YDVqbybq-fBSCBaSoWJk3fNDtXH-Y2iTBnk5Go8jpTw49zSDexTwkL56a9bmk_9XBmNQHbYWdKE7NTkzeaZZkBVB2AEgRsvYVqhNQSzubRM0i1xPVYEHxe3Ff-cX_fVij7Jt_l0m6NOYgsOdNsj12_2j-SzLWskNQQdLzseETWgLuw9GZBLQ4E5f3_YUEuA3fUd_yagjvbKU4PvvYrkBZWIP-cjFZE6xCOAdYbemeS6Vti2GEmNmcgNcworluJvPgzEd5BO_mQ-gOCBNNcP1MyZwkZg7uB_utGuKL5W1ZsnpCJZKH3UWOKqVcF-GtS4k8hrl0yvoRNuicIA3dSjWt1apT7O0375tIcsMdoXAQ3jdHFT7HbzqYAx_ERKfHrubOM8DYAaby_Du_vEmGwX6vfT_077-_i19ImebsAlv3ecMHXwoagS_KA1chUiuK6YganTCFQOI3SdTqno4klTeXXflaByG6Fq5tni5Yoy15knmTHIvEoos2CvYzAwoWUR2HNmHRPmEPXWBGw99-86tSWfLm-foTnrJ2XGO34yci16EL2aLNuQNpkpIlRX-yfrVS4PwWeTwU1K9OU7ZREMXWyszfPChcKF0mB8wOBo74usAcdHjOHR-JtCzNljjm13jUTyls0fbhA2DfRFjeUFDC2NKPEnSfzuJ_6RUul7uQxAr77thZM4LdPpfuK1FhfIrba6b_srE6u05p6f-QOQFuhhmkSWgzKrzW4aGPeM5uuXDOTRZnXKwnNymhMiyK3xQfUJYDV_Navc1OrlpnULZFFfXGybvyWiEotbGCr-YBj5iYwIUs3USs3Kr9-DfvvTIhla5yZNGS4xKXFR9wghnRwRzR3Spl9pW8zi6FP1aRdfb8AT_iP1RgMK8xfRXFEslotMhEtBzzCsg6LyQkry4wyLbc1GCKHXxEozh5AlttzSesJSuPvUTzF1A-m33s3VOrZNDPmtyK9i3yTqqe8zxnHTnA8b1b81c6LjxYZmX3M9UAQGec5nhjXggehDE9UbLaAOPTrGuiNHz4bbp_fj_LwjNJgMtp79U1sNZXRVqTf-n1DKG1luG9GHvElxdl_597z3Ir2DBFsCsUCfs45MrL9kIsVHjxpesU4hSW6eQu79udVw6MQl1H888hVlIhowzZwZRruFFR35-IDqMUhN1_X7qDFpjrzeNWc0QMODsLZ0Ez6JUTM3SXjt7J_kuv0EsI58K6YdujyuO3ZCElr5VVAlPaWnmO1iOuU6hxlBwAo3WkLt-J9EIB-_8GfYcWasMA-AJntPRfB13bu0Fy9wUxXHwLTyLu1w-LAUa-qqvpC7RUe4aB1cFKRdUzuk4y2smtAknXZXghiSca4JfjtCxXy4-vIG4PClN6wIzieDe8majufRV2Qf0hwg7M9UBwzoON6k2q_3BbvG4mATRGz5JP4omD_eB70bRFj_PNefIA-igwLzhoU7Q-2nHTtrp4HB3U1rrf2pwDVFUGoxXCTb1nX1ba5w5tqNoqh2pAOfJp-A8n7aTXhDMR4sNQ7_PZHN24HZp-gD1yEyS_bj8MxWUKt0GlCKYd7XNqzOQFV2JQ2rCYWTR5bf8V7v7FFb7XQuy_vYMFvEniM8hlJ75-oMwf6YdPaAXNbqCC-ia9cAuRJlKYXHwunaAceChAoL8_Gqau_pIBikr5nhrGoV351roAXsqGSkAUbDtCnWHCBkojr9bF8H9S_ooP0Q2VHncwDT6icK19PyKp_jUCi4Q03XuA-Y5SDaYIb23-N2QN10a_8SjIGAqs392uCmA5oFeIZFRert3wBPTtGTw5492GGWXqEPaoFUing1fAq7Lemz2kZ79REdetvYkodd7JqIqOQ8EqslbcF-lu74ufMUaR1hD3IHqQzOpjYOCPcQehEUFONyB31sAjdgkpxAkCe4VTTLDMxU2i_vV_Yp5kgnBymM6P04NUv3NRYpaeyPbPfpVsh8ayV1sU-cTa0a74ZQjyNGvI0YT2CC2l492B-Z2jEeEYdS5067nGAsIKMS91sF-WlBP7gvPX5kFDPeckN6PxuzTgsADXsTE8LPvGgLTbmJco7tZ7yLlIRcOvnPGh1bUbn7G4vlkIn6qGuUoP6FGcDOwp8nItLVr8pEjEknnZzwJuqZ8ds7DmBs79UImq5yNSYw02qPbRWzn4Hozez960j2qTaHlIeMrR1fkKkcVjnyqmz9IGDriFPpvv18j764kgx05TpHp8STVcup4GpNYR-NzYpFQRy4MP4dZishvUfjHH-UNcbQP6y562mMCy8-EVumGUEl3v2maOvMhTPG2n6TDT9C2XJKc2xfxn-E8YPyu-UXJ8JlSzy1OmCQptBbVaaaMlj7YbgP7iutK_X7c8_1r-nDiZ4wtfnvdhy3YirCqbbIDnINMzyigTK9pBgwbiMGnWx-_yEux_DhxPX5Hp9psRj1cg-m-yFHSuFof-9h7pJBY59j2uxh5LD3tv5G00RpHpteS-1C1Lt4iROaV93m2jRNWfXgSBkLP1xNNJEXGdS6NK7Pa5BwWTU4STyebmjBj9AQ8FoXvbgdTen2uZ0Gaho_RQ1JfSBISIkQHINAZ7aiLG2y5qWs6RSqfSob95d7lMhf8WuJqnEYvIzaV2QjHhnw_9_h7y-r84w9bS_r_yXjaOBgXENdm9X9u5xrepSg0zWbVwL9zjfSzx7evBvejufpQNYJf1e2NaW_fk-0-GzD6560UMDb7DezOaHfmUU8&cid=CAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de26a8d98ce15f722c5c558e0c613705ad5da7027322ab0d91ce991b7b0ef5a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12858
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C0E3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmRFWNRdJYh2SgochIRftL7KkeyM1wyr2Quh6hn96Xtd8ua-Ewh3PNjaefD9AlteUshql__Kzlq9aZLI7nKMtLEyTXBNz6C6XZjkhQvs1IVrrOyY4
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame C0E3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb101fbfb40f627db5860971a51fd80a9384f0630af3db4eefd351ef04d2c35

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=U/Ax7w==, md5=xOpZ1cY5A1Y5taJ1VeQlsg==
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74968
x-guploader-uploadid
ABg5-UyJ_H9nQC34LamJpDHH9NslyUGgt2HnpLy1C0xOavSHXN7zyRoned3kjTrQ0bqTQNn9WKIYCJM2Qp8c_zdjmPWl_ashQA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6e9fee9a0000beab0b971000000001
last-modified
Thu, 06 May 2021 17:10:38 GMT
server
cloudflare
etag
W/"c4ea59d5c639035639b5a27555e425b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WgimnasJOylE1qlc3xj1nX7L4%2BcOWBhFuLkZujU2jqqsdpbrdS3CJ%2Bmml1iK%2FZOQ5iJV2mjUIZpmpkveE%2BSHmXAmQsaCY%2BACcZC%2FRDI75JocpUTX8WJHHXuWtpKQSe19"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321038772018
content-type
application/javascript; charset=utf-8
expires
Tue, 01 Jun 2021 17:11:20 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12030
cf-ray
659135c3ccebbeab-FRA
cf-bgj
minify
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame C0E3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 14:00:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0E3 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame C0E3 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:59:35 GMT
l
www.google.com/ads/measurement/ Frame C0E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiAfE3nQTTibeGB68F6_g1AIpzmJL5o7zSlx_GcOclgVmIZx-lCWKyirhwQ7e_pJt7qc8S
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame E9DF 		478 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYwez1ZzAB&v=APEucNX-fF6gQ3tlT3QZAFvGuKIdq3c1xJ7tMKNXOUnJBZtxAXy_ybpWEY3vsT2Uqm2IwncGccBFhbBEoJ6oYNnEpZ3AI_oPsA
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CICHEhCs1xMYwez1ZzAB&v=APEucNX-fF6gQ3tlT3QZAFvGuKIdq3c1xJ7tMKNXOUnJBZtxAXy_ybpWEY3vsT2Uqm2IwncGccBFhbBEoJ6oYNnEpZ3AI_oPsA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 14:00:47 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUleSJpxicT0TDBHLDNrP3uf1BoP435rG6FxasAcI1Y7C9bLSFVUQXWhJ6QP; expires=Mon, 27-Jun-2022 14:00:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 14:00:47 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7CBC 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5BEPEjqthHk34nF5QX2uz581X7dxu5Lw8CbeW6jMbAXsPeNOGXBPn4cqhNbXV77FcElPbD-ofyhKvIOSS9ya0sYzzav7GGMkdQgMHWJ4OqlXCcNLOILlW1llgUD87Dl_GRkPH2FFrCTI-F9gAu2dRhTMC8A&cry=1&dbm_d=AKAmf-A2s3d733jS-11j9hhzecqesABuMo7XPndCwz65JfL0hM4ZWjCMjcSnuuW3aT_xPuQHfntKNbRvz3UdD9MM3_yHn59HfsALnbh6KC19-XXKmf8hHc9OvypK1ffY6FmegYIBhl2bfTBNF4hFuPTCwt0YlGnENKAMVM0yGRTzSiZY8zjuYKwIll5MI9Ks5GtHaPC9dln0WHH5g0uF7Ou-3Ot3Xz9KamLa9iNzQosnL32DPvzvp09XcA6THqbA50_7862K1xM9lRQgT3j8dLhN3OezpriCYUMgjJKOuvKSEG_PziNWXdBpfX3Z7sJQ3uD5RJm57d7KdbS-GthT-JVnJcwwN8bDVFXfZqj6_PyZZzv3d7ceOQH0KWeTjbmHDBsfMIMQJ51ESUQPr8DyyYiaLvbgo7zMaI3zS5lN9REeoIPO8LCNOuuNxTgJ3zgnqUmGabSwl9MVBRS5skwNA-oOZ3gOqwRmyFngC29LT1W8zt1ndr0Nlby51sQZK5h8LsVGzuZYWLrhf3esHD_FFx_XnIDZMuKfNLiOb767qTMSI3077ZrS0Fs5EEjwSA3aHbPv28GELFqxDXWXfz-QUV-ueE7WfwryX3gValJEGGqghRf9Eb4bjvWZB5hHfSD7ZOssCptrPMlEcm_maI0rQmcPIxRUT0M1vtG3iJGPqPBJbLcFWRiyO9QZusmvw52_BzMUKYJY0FSmqLsfSJ2jxTz6KiLqex0MbwqRw04dGPKDCl9pVTOoo5SyOZD4KP73vLYhc9Rpcg2tBdmwZ1xCvK1IPjXIHQAtLpmvk7M-Fq1-Le4W5OW67ltfTptw6yYamIZ8QL9WZpc_j1wZhl33ZSVEKrGKS8yUt9uEkWw5YU8oYnBTqQHwhm7VVatn7Plw4xwRUFK1jKkKSmQbe0ogSKZ9VPMMuchxKL6knFShotD00yKb5SBpsF61XNsYa_obioewuKaWqMNo13nllR-utHxKjslLUW6wVrnaWk6cpDzgGjFahN1YfrFSnzsKlPJsT-4DUJitRLBWN_0pNc06kzu3FnsIhmZDzx4nofsl9WbK0TFjdYqI0NznCEuhx3_Pa1h8S2KVnvyVGgICp_dRd7bQIKyYvvluO0_BdHXPgsxJ3pudX7tNX_vMWRr5qERH7qOk1rnX76Ga87W45bZfW9B0xtLvT17L76OUD7Lgxm8XdSR1s-eVERdpu6Eiy8HoKlTJ016MtOO8Tygyn3OXMTQ5gUJLgbPfJRsr_jWTEAJFZKNeWsJoTB35LPj7Db15LJi8DrEmVbB-_84Q1MfvY0vPvglBQ4ACWJcQWhmVQvycShhl0xTJJ35XT-SUEwDKjiulHHPXwAEL_nxaO_8F5nnXJ-5IAsDgE08f5XqrHzvciVE36Gq4eOYdLAmZsVJXobpnid6NKQ7_f0iauklFwzgl8E-LnKw-MsijoBwGD6kDW--lLi9lZuyiR4QQg3uuu0Rtbg7gw197LyVuKwXoGLWoqnJ_2EjO92pHaHGMxy7BZqHf7ZuW--PUlV7sk2Y5jcZquCcHGOHibCNJwxTrg15RVM7P5iWzJkg_Tyqq8oWimGmcSB-8mxCbWD1YluRiwlAOgeGwQOPVfePDFxXV8MbCdTIICdKzbu_A70ZEyr4tsTaVLVUoHjUf5srXiVkRIZjUKkcYeajB8bYKYH1LPzXgF4bdDxkGe1vfZjtebSLAo-_qvG59qjyMzzhw2o_hIP6Al6Nb-1teV-MD67F7JvWVVl__itEuHi7c-ajKwJcAcGvIdiyMjTgK7CPCYgO4g1chBpNnmfm7wyn3v6qG9ZyhgLEy7y5v1bdHZfA7MzXsWPi5IrM1nieiWId2cTxlitnLvVba_ocgqrlz4qwNJ_s--7H0KeYshfWystbUZcrZ-fgwnE7P6S1X2dGNL1Ts2IDjPazX61fyPZNBrdfJNclFFb0zv-p4PvpHnWjEy1SfcPr0BSavnecpXbvwbEDJYvlJ8yYrT8avMzw05ABp7l8pRi8KmJoMrfiQWQSt3zEshBa9y37CkiSc3lQzFDpnH5xRs_Vup_MSf6O-unkUjJJkzHLjktD7VM-pjacu7Nv0HuuYrfDMOs1y2rO-B-KJ33O93uuZnUX5lLHujiFX5x96ZNsbWDy6vPddY8q5AQtEWSbvTmScRGp2hwOYqEfEatzPLwJov4kg92kINjNWBkSz1qMM3quoYsLmIRlIMG8VRJALv9sqHtEKx8_p6OdLk_iD79FSneybr2SQuVpVHRo8-PJG3oIy88R9IKdFU9VqJrKXHBQnSLDi2X5XRvg0O90lmRsO9K56ZcOH-xFXM4laYUtp7QD7uWXYi9EVng6ppUmdFo0NG3Y4G2q9aM_WN2x61hEjGQOazpm07rMR1R4FHCE80ntfbZetu13l6yf25Y7ASF463Hfcbu2oYjLXImdBfdrwLGYPs-r3h7XfM18qRkKs4OMV21mN3WVcdLdpike7f1Wke47hcumVW8w9LtAiuKjTfv1RDaGk0YsQ4c_YBpUZNUtGXY3arowdEesGpvEj1LI-8Zk8AgjMYXxRYU9AltU0pHv9a5Uddn-_cYPISp1qsrx6DtkOl72Gaafkc3rizannY7cGTqWYKw3YmzI-cuKyVp6IC0O59NQ5nywswGDH7LbsTu5qjKDxT88e595p-gin9Ttd-XqHE0xoss74DUNnT4QIFbl9dchWiCuIHSn5jMyXH5zA6SS1xcdrkK93A7KwOX5ywmZcpdKJxIU2vNYz8oWOzzsNeX2Yzcabpus2sbFX-vrrBhvOySZPWd15xhMwt5KSAOGC4xqxvm3ToNSsgN3LxA--VEz60bAGuN2r55538bVWr5xQGIynlOBp-XbNROCpywCUANZDxklu-l1m8U_vcP_ayY7Q8207gvS6cvxX6iGdGFd7t5I9IAHPypn5cylDrQRbQsEzkGACKfopgmAAgSPSnLNzVm6lTNPyRe8wh7UpCsN_0KMD-Et5rypc8SEYBtWdN0xh80yaP8ixT9mKO1NzX5ywhxHRfitxtMI5ekrfKF_9Tc4T3C3ToKxqa-B0dinxocnRwscvpOUMJHVAZT7Gnj0WkL_e8oVFN5hlLQdORGsHZbPuco8UvhUWSFcuXOIRb-iN_CRHkahr7N6uU2Pj4Ta7RCRwkXaEbdpf87L7K-a8nZKMlVDlWoX-AKI1m-AIrhJ6Hs6HTNUBfQjDe_RTdJnZEmABLZk9ovFrQB9iHWIL9g0kkBSyK4yvB-af-qu-MxMbDDfsiNRkVbFxJMazyMS2zgj9IcKyz0XKrXCddU54-8y5MgIRmFRPWnJvx06s0NEjQyrOTeU3R-0U&cid=CAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aa8efa19fdaea0b2c0ae31080eb27faddfd1b68d673302eccac3dd921ced2fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12250
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CBC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cgi7vPj0OcIa2K-fjeIDPRBF8_xSCuY3iTkTZRXe7im_5bzbabdQ5MoXYmqc6TYFooqMWtvfCqzFS_o33yoWyE0ToPTvyHSSmpU0gQlskNfJwjPhg
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame 7CBC 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb101fbfb40f627db5860971a51fd80a9384f0630af3db4eefd351ef04d2c35

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=U/Ax7w==, md5=xOpZ1cY5A1Y5taJ1VeQlsg==
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74968
x-guploader-uploadid
ABg5-UyJ_H9nQC34LamJpDHH9NslyUGgt2HnpLy1C0xOavSHXN7zyRoned3kjTrQ0bqTQNn9WKIYCJM2Qp8c_zdjmPWl_ashQA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6e9fee970000beab058b6000000001
last-modified
Thu, 06 May 2021 17:10:38 GMT
server
cloudflare
etag
W/"c4ea59d5c639035639b5a27555e425b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=62vDm%2BtxS5kgdvZH6uavceKKl6Zl9h%2BUQW77qJoIY8jXLjj47pHDFP9YWq2%2FDjPSKRJO01r2VIfazQgJycozH%2F6ibowGZdjlnrocTyhabIY5xESxW8bmrWAQdH%2Fhw7%2Bx"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321038772018
content-type
application/javascript; charset=utf-8
expires
Tue, 01 Jun 2021 17:11:20 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12030
cf-ray
659135c3ccefbeab-FRA
cf-bgj
minify
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 7CBC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 14:00:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7CBC 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 7CBC 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:59:35 GMT
l
www.google.com/ads/measurement/ Frame 7CBC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwMHokuIrynnTpwrhYBp8l6kbnOhoxcvQkLDdwmnvA64gDdgz1Y0Jebztti2zgAdPfjuri
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8472 		478 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNX2aQzYMqPAC9QgkDQnBhD4wQyTrwSsfIXJSbeFCjoDlWgTTP287b19rY0MfZ3FR--yIqehslaNKjtRA45lvI-nM3KWGA
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNX2aQzYMqPAC9QgkDQnBhD4wQyTrwSsfIXJSbeFCjoDlWgTTP287b19rY0MfZ3FR--yIqehslaNKjtRA45lvI-nM3KWGA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 14:00:47 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUl5BCYja5JNvi2r7P2K3pHbd-4i5MP5wIzIdFvi-2p1Da2Tx2Volk0pd5eh; expires=Mon, 27-Jun-2022 14:00:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 14:00:47 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CBC7 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARp9siHi9ZUqERavdOKF7yKcS0KPLq-y4Jft6REXJJPeY2KD9cuGgnj8vShnn0EZ5FcBJss-ha6Kg3Q9YtpEtPQYH2K800NI_AuOTGhVoN2JdTlwuc29f1x4EMGSiS7c9K3af-a2QbqdJL1UgmzDMOuAbPYw&dbm_d=AKAmf-AWw-kor3zhZ0XBsj4wpTnq6-WQHq0LmVK2314VMMpN4aa-rL95t-YOU_HdRrR0D9cOgamFYmjvoRGjC-WpDSi0kXsOcjpzuJlayAFE43TcSrT3lssrPnHgoSaNY7d7OY0Co4YbcVSB8jlOQsFWZIrj5jIb0K_Y9t-q1A1IMGvB6C7iT2vXYx3ptrdpASHahdy1glmN4wdPxWGkT8uksMQjWRK4sFUIFaRgvsBBJZ8z5YHmzhLhRHqiEnhzJO_jQy9K_801MU7JqSbk0Bzk1L6F7N67FbhCwssT0EdGXGgIoxefwhoZj4GeSfjJLnUpai2SD18Xn68ayAKhfGaHwTAk_CNOJJhBKihSLYiRrbMQBXo8FW9WfOvqZCvzB1QkfdQujXRwDH1TFjvlsTS57UVkDVcag94ibw2_6wbClXcTG3jurVqcR22xsc9XbQi_lPhArRON6U9PJwWZcZC14HsvhrNey9PWtOBXBAwC6BFwVDgn4sGO9CG0M6GwQOv340DIoMUH7hLGmt8mFTnVpLe4cCXktYLLIc4MiHiSWD-EQ8CN5f3RjR1IyvwXSi94ji0qb1kBmLDPkBpECINsHidhdJwPY4ttzssKGbGL-ZiiwCOIpNgZZMsZtDbeKRWeXYBdN54StrDKqM4lSWcsyeSLloXK6GzFMikXDiOezdoVm7idAG2Lg9o9N0cqPQuHZzxjFftF4693frJNTvI3cFeNrhFCAAEl9S8oKwQgUhWUkOktHT5nXvSABghTHg8fptfIdQMw7O7pu-fVeb5d2tyxNYO35YHAoVu3e41P7wn3gfBtuc8rw16ODTKx6gw37a0SSPF7jaHR3nDKSKh_fGj-w2BkUCjYQhkgrS6ZMzEX7_dUn1vtg5WghBYp_t9hgBus1ww9TvXUC6YzkJXZmQYVBv_SBAyaHHWi5Syn7RIU4WhIczmP3ny9DvMlMtYh-p4uAH7ItbamhcX-ZBSIoxfKyQQKS0_LxR7SN2W6g6XEtfx5QZDs_AR3W8nZ85O4Ph83CQ68Gp4bIZsKvHhtKvHfJ8PXmWA4Kz5oYgLuzw37G29-exr78l_TGaaoJkKyORlvLZvLt2kPCShubCKdk3_y56F2o7cw5IvKreb1PmSeL-otV4LGn_PWYQG0gq4SINcmExTOQle5AYJrblTewFvjYwEp0jI9fxBq9te6io-cp6VgWvQens3BQ7clQNN-Q9IRHYlngOeYilkm37uLXP6qU5nEF9cP2lta54Acq-yzpwjxJg0QAHLi95VjmREv0NfvXl36y6kAmGXso7ks7jdzJjZMnTZgg2CBVXQS9cFdebgtrHyjg7dPAT7jGZn-VDOqNzJLnl2cap8xj7Wg8BU53OVSnHrIvkiDwUtkx7CO_s71MTZpA7BCI_fyRg-tVPZUzhA4LXn2TIuIw5aRTPF7d8Is7_uPIYQUepPsH1hAVuwbBKKsxa_qphFsg91roCEKnvq8erk2DJKfmjcV8hrxdl4Aa2J7TmtHzr0qgd3HsNWtCExU3xNACcNCXX9xLNY0Q_7uS72qekPTNDPPwFhM_eWyIwZKqNSwJ3jVAk8e42z9kt9rmjBUX8y-PbO18a1rZm1QzEif4rfHqaQ1bQeb3l1TkuuBy7-79m6M8_IVZ2-yKUCOvR6WORNoqYZyfDvw4O9GJIi88LjuShsHsZ-oCiHcogN3tnfDkuf2ghYgAAOc7Yw-dkCLWydw_TbPFMKHtwnFCZWf5VDKaHx3kaZcnWt7Xx4O7ylaTzTIW32wiRT0ifxXeQBaWaZ6jnNdFjI_lfzPYk2nY0N2OYEtjHDXsI5_YnPw-KUZmeIZ3XOGlSLClKga1GoYXmFoXAYPlPDv4GOltYnfFE0UboOSjIfppmwKLURp3ebu_DhP0puf-n-_46b_m7W0Ntkv4tCwtl3N5_jWXhtdwBKMWu-fNXzP9ZFEUmdtckkHXL8PY-u6WTHtwVYfX6SXS0M69P0rfN9tYfe8dr24VDbi7KU2KvyWNmd685TsP90shMKmLJqBM8PjPIyieHRjYyE95LbiyPzm21aTOVF6V72Oj02CgtTBvspUyo_rktDimUNaK5wSmSjrmO4vbJuGMhkqGs9F4DbFlrwyjD-tz34zBL9XXLn8Uu2Jhz9az_dkH5ui_aOBSX_xwOX38McMuoGhOFkfr89c5LfszrOuTqeIIPOHL_pLYrhapi8GlKlE6RO_OKo371QNTndIiCzceLZBlDLRanfEaUXnfw0CvUnqi82XBuRwLM18VsePbJC5h46YbE6qKg6E59CSdFSEY3ds2QPWNRnBKyULFhwUH32G60L8zRwnB9_Dt7OPIPaXGqiLz9w2fsHU7KU5ym0yz3P7zBdtX3UYMwZ95hlWmNf6hS1imSx3KSY4ftpbNH_VO0oC0s4X5wvSDSufP_I-E_6aBGp-jRK6NwfNFMO8vIvgzF5wcQ5dHxsASwR6NZIL92AdRnIfNJ2J9Of7YN0-MRolqpI0tOSRJ0NSgJri3GwLrqzCF6V2jPwM4d8jDPj0PvIvdSYnnEtfHd1-vZiOsmhOrbYj4An4uPDlfbwFhRTspUPO7VosV_JInN09yFbLKpfzoHur4ym4YaDmGEGkaduicr1kMXCPvIMWR6eJiO9omSar5mkODXTK8rAYzkSaZw_4KIU3BI8PU3GHKiYj35fXwK3VxNR9KHA7f8pgS_KVE1Wr99Ixi6fKSGOrLzNK3Qn8MKiY9ERz6RR1hSc1DQ_1wZpKrkI-_5RuDZx7ugngfpWrQ0aMejLIusQ6ER7xIE_HoF9Lj-oMXKukbidI5A2MIT0yTPZunrxhefl6I-NEWYlZ8htdB-UAKco0bTW-rIXsNcgpTaUFpK5QRyUcSXg_xQkyZHxk-E32gZv_-dp9XlGLehe5feUmjXe12v6P7YxCRhtV5BA_gtcBeo82HDn3mLKvwwa7lb_rkGmYKspROl_60mz5s0jocY6CIo9cL_jCkolSbMOZIp6QvddCQn4O5umnJPuBs0SUbuRC0PpMWzOjTv3gMdajpMA138t0yMRWOVm-tq2bdcmq06kyX9zx4I4LEwCWVeNUWmdYAe4rZ4sWeKr9OYa-L1MD3SYHw1ElPhyuwFZ1k8mSrarQjvnIYCR4Qt9K5Th3gwJR0YQ0WsfbNE5lcCCBHx8wEWvheaIqmMDvHod3DKFcIUNPjnHsf1FiApVrp1CA_WicWsr-ltYn7sxJ80qyL67flxKyw3R-i685qceqt0kYAQccVBjklR5gVLWWv6jpxeCaYlWjdsRQpGtObLSffW9iOfNXEVXm5JLAeONlpoJ-rUTAGdDy2nA0Hyy67JuCbnuKYyUiE1TUh9gygWjDzNwJGb29-9pRIqpPG4HLEw5ocd1g-7QCvwdjKUAmJOXKkPeGfGc3gIYdVqPxrAXN4f5SeXTx8C8Hwd-Ef8eEGS5MHQAsrfC6Vn-R4AwCT2h9&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2acec31169d334f66d515ea09f41aa08e76a683f2e02d522a71646613c88768a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBC7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgATK6MCSUQf-t7E6cNPCMg41x9yEFTIESAEolpnxe_oSpvlHE3CYtiaBk_QTrPDhLk1dmUf0nS4T-1jgD9TEpGVl4pm8_eY1XznCC46fVU6YT_3I
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/adfscript/ Frame CBC7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/adfscript/?bn=43776674;kv_key1=46068091;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C1fPGD4-3YM37DcHX3wP5yonACNydmotjs_j0-7MN8C4QASCXwNofYPWVzoHgBKABvain3QLIAQmpAomacF2PerQ-qAMBqgTOAU_QHFJxEToIp5P4M_dSzVtqVWPzrG0XEQz6DtBBbWdhKvqBjQFLzFNuvUwfYHAw-X0q6mQ_FWthGx0sgwomc79O_W1Kmo9wx6KVx-p_Dvrg4VQUwi4kFi0mokzViQj_rewUswSPpWRybSw3r-FtqlfhrUPUPXIPtcsCcvf_KBnRjDH8TNuQTt2AZjw8ZDAisFewUB4FKlaCnqprJntY9hwWpuezomBugOGBezcWkOPKk0FAO410vQlztpNVKbIvHbSf2eIvT_aUrEbIv1_4wASS-IvttgPgBAOQBgGgBk2AB6vX2KIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBOXs8sL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&sig=AOD64_0CVXRCo095ywyIAE2K7a78hy2y1Q&client=ca-pub-1274416353693598&dbm_c=AKAmf-B3tA3JcdV5mCTTjmoKEacbgHpafLMjMYQlSiHE1DXSBSG9kAIKuEgrYWopKAKZPz4F34m3vVjchc5IR-At9A5xNPioDk-CEQLZmidHKYCTwDam8RxYqD78JwQS7phfaAqF8gjQqZ-ekSnO6xnjdtGTbaX98A&dbm_d=AKAmf-BTD6jJO6pqRTu3Bgrb4ZUXa1j9yumEDz8zYjroDaViRnZjMCTorDVx5ZIUE3z1ELl9e66abSdxRoWxL_q7UZ3Svoh8WxmOTC5PEn8Zjok8KIny8Wa0BHGux8r65_NEO37FsxAVJH79_4AUnG5M0-kdk6w8xu-kTs8Q_2pftnzJh2DrVC68Mq8ZQtSTcfYbvB5qHNRgwel0JBX6cRElJ7jPrxpultNAhE4p-fgvhKPBjBlBM9WH9nNrq5_D27OdZEfV6TZVO7jC6xsfHCiPJju_fg1S37hOoxGWC4LNXgkq2z-ni3QPIr8Q9AnkIVPkoyh3TP_EA8CYfK11xjv8w8mifZA1bVWqSDUNQCestOKcdM2wA-iC58K0yv3dFIesHc7rizCEZrrJHVHO7spLBZv986ODM4nUkSNJe8cSOtrk-ZerfB8bROjqH1SJHguYnQhn6AxC&adurl=
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e89f16d707d2f878020cffafa929e3a94bc0a1fafacfc29ee994f18e59e208b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2122
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame CBC7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 14:00:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CBC7 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame CBC7 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:59:35 GMT
l
www.google.com/ads/measurement/ Frame CBC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNEE48bAnp0oGT0gj2iCI1FaKBM6qnhwzbuPjcIVN2a91KwdBwoFR6pHYqP2BvA9OyhCO5
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 15FB 		478 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNVDyuoSWXkiuFMIriH4f0ugi4Rqnx7ft-UyRpRcQfkeu4I6shrruk4OGH-JmaQegw25fAOE6sqAQsZ32rkFU-CFAMcCsQ
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNVDyuoSWXkiuFMIriH4f0ugi4Rqnx7ft-UyRpRcQfkeu4I6shrruk4OGH-JmaQegw25fAOE6sqAQsZ32rkFU-CFAMcCsQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 14:00:47 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUla8U3ymU-GqovbWJLQwpVzS9m5J8jxI-d6DkOUMiu2JtW_4NSNKa0rQwmf; expires=Mon, 27-Jun-2022 14:00:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Jun 2021 14:00:47 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1852 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIq3EuWexu9q6UZMx5ziVTlAUtVGlehyH_1gZewTEnfkmYrN6empk0esPyjdN8V-Qv2MCiAvYnSHICj3A33PP8Xt0491UgUJVBrtLVSi7RqaejNdE4TySMJTmzFKAj9JQM-fyChXB6Q6BBQwPPMaosbWVc9g&dbm_d=AKAmf-DLixRFM72wQjo5VKsxrKjk4zotkq2iTSyL04qvVW7SdkjUPFwe1ZpB72PUd3UhB5B_k_5BvXWmbksvz6zG1MsaUa7YvEb_vQMO56LMJ5JzVfpL9smSVkAyCLimhoOuNSUkli3Esowk56VVujcpp5Ai-bk_53zaK7dKIVsmBA5eBZeQZ3D01CPYcClg621wKDJ8gqwvgDupdLl-DGN64IX8PdNpXnpz0fgUHUtOJ9NNVPW-L3LB2JBbyOVjy9exH0FUsLSCqhv9JZ4bq2TeYsyd0Vm054BIC8fmDtpGn5v-9qis9XB3_5kQ9WamlgIpol18HiuITlvIm-qlvna0gEC7oyz5mSKZCZ-snc56BDDCCfzNwDnnhG1GQc5-itvIFJHqeEY1xD8Zjc6S-USUonDiNSUGtt2DLd1uXRXtqYkRz7YdJhmFJkG5btmhoKvzBQ-s3ia4UOBy6_znwaRE4GPB79nu7G6plWY7yPUc-slKPQS8CA1HPvFU_Rs7-HG9Ar-ERZ-PBtxrs63Ed3AeKR200Tn4DBJ06RCBsqWgueksQJwiTT70bkaJ-vYti2iORzdZkql7uJsXHDbh-1t0WR0HrA9djOdMGS6nfAESNSq_mUy4Q5QbLUlUm1hpnYPZYVYW7NVXw6H22kuC2kiT6cdPYod_MpLNQdSUm6WdD1nLmjtkQaHCFr7ZY0cnBRS9qPQpp2SmbYFpzJEdxh5ux7IkyN5Y77Z1EeIQ24lvo-NU6vBU_JJgHxd8mGaA_soK-L4CkxifnIyHIb1TwhZVm9d2_iljTsK9IxAFinrpVFfrR1gCUgbJsAZ2FoQh9PH6kS0oWwP1Vd61kkGOI7wH-i7nf3PLAUTNamkkZlRVqnBtDgc5sSTswDjxDUmfKAmUxXIhuRjbtYmGayKf9yhE-f5Cw1eXYJEVcY0BBh54pK5LPA9zva7BydlmAi7eL4MEUSp01DXd4h11ZvoZw6awHnSLkcYVJAXqraLnYSvLfAqoA8U7zJGOWpO5H_D3LoWPqru2wi2X6hZyqT32cavPwXKFh2LgUgWv3nHyhptR3S0_9s53E7oOgwZZlgwZJGzsOC7N3BjGWdY4j8n0-XaahuGEyCFryuPfKAvQGy1z36k1vR2EUbVejHgKi1Nqhhmq_lGYRSld3Jv19Dn5tA4Hhqq9OEunEU2ucEESZgxVccpnA4DIdE0HHJe94dJNzlaVs5vjjGgFnQ94rwk6ByEe-HPPPjHzdCUpI9RWyF-OT2ih9jHl9un4Y6bnlOXcr-oXx7MK3_gEP0C91S9RGw75wJGNL9o4rxcNmL0St1lOztVkiDLRKlK_ImHKJFRgiULgqWiJbcA7vgX3PtDxwhCoDugA5DAmWfWcAjcc6puG7WgZlK7660PqoT2HhzWov5RaHEnJdwsY1q5KmTdnj-LHrJb5i2T2D9atmOWt39mmW_V-UcewVR4BXZ6jj9eecd8mMALKb4BbXupFKuK0TctMIH3zGnq4MvUBxkRg_UIcVXn_-g83ngiJudHZ313VOs-MyVu1XKfj-ef7lcl29sAo98wJUzs6rcTQOgZzigg5ag_S6LQDq2HAtpUlGm3JDTXqHoOWs3wh-8HVgNiPjkkKfaA3Rxj5Wb94axatFi_UsybEiz0vREN6_-O1Z_VX2QY5sRboj37mya1QgLTadu-CGLAxtemmLz12W59RMAAnQuDJkIuIxUVUvC4OKbVe3e-z1AWQ6e4xYu4f7DruD7EEhuEZ8i8eIr3sM9UF5q-gGK00Xge0YJmBdsguLbxD_dJazLvOaeBJrZOYSLApkGM8F5mle_Tg9z9Dtf4QRh_QRuTzbJf2M7MvQg6IMUDiRfQIDbQg_kSU8vFVG1GEGIZQL3A2xdwgkZ9A8VruT2M6ph-5NmKnmTnNckZ7gfi7qrR409P97yap3SFlP9Np4mCDfSrisolzMW6zE996Km2yPXHe4HzNiwWkGWCSveqIm4inM1lkLpxa0BZD0ITGSb4wdUrbJ4TcyxjS2wcpjrfbKOeD1fHS9kdIFNMpzZ15PkTXr720E9SuDK642rAlIHzYt00e2Kawf92GlhSrXsQh0vQKWeV2GzQx_mcawRKgB9kbwH2LtCUxvUddR-x7Z1qwcYopRYttyieYgpLbLPgxubxY3qSLWIn6EcqaZ-MDGFrpIHoeup0wyTz4h0xYMcxSQRQ48GX5neK07Rw7aDcWVC_QT13dOJ7KNCDBUVBhgffRdc9S-3RY3RdS5w0vY39hMzq28kWn_oI7ACAOCdyLvoucHrHUNjgu-0EJp9wIV-4o6Dxhf8lqIxT0AWM8CPGMF44u7lzolqaCbmMN3ThH7IhN-oQ6rCuJpobOk-pcOY3WzneEd5FuJHzHpQcbnd1_O896xNZyG08G6H0S6NqAtmQWE-BKFg_q6mii1gOcDhBdzKYOqN5nV3ph695Tm_RjaogpNh8PUWJAeT5EQ58sKUpnBGzQXwcqHsL73Mvf9eOWO3PfG7D8d-GOmyvP8KnTkKhuOph7XboVodYihz0sF8HoGcsOWdcQXtNhybvHX4jy4SoDIYMm6e_Iy6UZrFbRP20O7WB8n74VV5mUwfDBdZvOMo__4y0a2ANonLzOE0mweI1irGJDu-FR8qFdYIsWY9F8-N7dXXMIslrjXsIh06nb9ZxOeeJdx_lC1adl4Fcf_MhHeRnW1ShO3-AoinytVVo4k1nqIlYlg-by2ZEozTfvppNGvN-AEcZYge7p25Z2URc6S4AhKijzsX-kz2Rl-AEPHx6NcPVDzxsnJYF1uDb4EDqF_nRdx8qYXgLhZJn678qJfmyF1zJH1lF3PZ09hMS6sLZ4WU8XaqmqoX5WVgNLWAD56Sgt6NcS_OKi7x-3lCYD9SDOxNLfLnDNBZZTxS407YaLdi2_nMkGk-1S68Byl-wMFjFIrxbHRuroyVwK8Vwxi4rxwsh-is9ve8bHNZl_qzZWxIA30pBPAHdY2tzpB2Md21MMV-czlpR2nmR7YkWqCJjRlQiB1MayG3aeU-l7dBMfVrU4cvvPICQFEKcUf-u9FC81q932uB9aJLyw2W5WC9RZLfvTgUZfcv1k1C5lfo1eHdiNvzwbzQV5JCZH_Yb2B7kchmz-8rFyCIZahib2brnN7IFAEDP33RCOCybLdX8DB2p3WRKx1ws0vGx3qLqTgCLEhHhEFRZhpAw6BLjleCnATxiIVaQysOlkIpNBf8xnifQ3SQoyI8wP2gz2DYCHLhuEZmLwFIeMqC1HgnOowv44eGDOY00_nW0c5xH0LCtuWL5d6NUs-5ghqG5S6XlDHVImt0G2MG4eAnHLsglodsdhBl1crPL_IOAKR-MiDWjAmjQhKAPDsxP8o6B7ha-PH0mFazkw11XvrkMKBMFFy52dSuJVQ3meRnuFNO7j6UJfJMbXDOiR-KvxdHQbp0699h5PjKQh4rT4NAt1RAua_2DW&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1cd669bfc0d2fa7a95552bd266c204e8c686e237efcac8fc56ab0cf6f8cff1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1852 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_XwrqIojEyNUtWymtnWGEP8i4GDk6DlVsfFxXNDoXGnhOFIfXAYyl8rujEOpKFjk9kWsVd2vo2FRFS6asYIlWJ816p3c0pYDfj1PyVEgIxwPEGZg
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/adfscript/ Frame 1852 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/adfscript/?bn=43776674;kv_key1=46068091;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CWihED4-3YMz7DcHX3wP5yonACNydmotjs_j0-7MN8C4QASCXwNofYPWVzoHgBKABvain3QLIAQmpAomacF2PerQ-qAMBqgTLAU_QYj6iEPmH7xU3CVib6Ri8xMuW5A6bnrat-QU2uZtMdnC7XtuBFjABHLM_P_uUJm0d9Zb1vVp9E7nAAwxLx3kW87xbnORtqCrt8OVjUypM2g02sNKvIpMlHnJWOlxeeu01DzidzIM-xDJN2F5ulJYVam4T57ED8Y7h0WMerKrwnL5Try1yxzyhroVnCdSCCIudQ18tp-DMDhPbPS4AVAW9ylSJdUXxu1sU8vrgMiT2_mOEgOC4H2cMmc33_UUKDJLI8Rqk7pe-M-d1wASS-IvttgPgBAOQBgGgBk2AB6vX2KIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBOXs8sL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&sig=AOD64_0MrLOY1rq1lSvBxNgm4v_EagOwJg&client=ca-pub-1274416353693598&dbm_c=AKAmf-DAZC-7WLLQ6Qyxnz65AjQQKEDap4L5rwitDZp6EHQnZ1WBEoobVycxc6AGPuc53VX2wEo6ubIldOHDyBWN5JW_rCUSguQ8VPx44hyjkJDKcBFLCABiXcjtmVwDdx4O4UosRTTreJtGit8H6t9naKYvDbQdWw&dbm_d=AKAmf-CCSd3IELHbnNRiWHO8XTXHmIFZ6mfIjj8H-ixbv_UUAaWdzXhXOCHFjTWV82JfmHUuk58cwXNqAVoIA4-uxOcCWqAd304k5TjR3L1LPNLwLSJ3-PNqgqm4DYxNSwBNnH2flMaNUT6eyommCe44kGqh6UsBeNF1e2LBSm8VLQdHu8Gh44kxVJUVP2gFsZBD3Uq3bJR9D_hKoIKBCyeuP3uIrFGpt3upV25GGQXcQXRe9H_rFyyatREreJLV-ArHQSfEc7T_28HbHOmb9asCwjwY9m5GMrXJFpReA19cZ-AURDlbI5S8xwwUJX3sl0XOHo9mzuSWgVyI0lClA75GlmwWPbABhZd6fnZWdmHFETUfljiR94yd0bcoULdJaXcZ7juhLa9jW9hG9TRAoBL0m42QyNx87D9jrEAts_PP7dTdPnqh8yF4pclhq9Qbf6S45iiFLVfE&adurl=
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
eb4cb90025be42885e1e0c95da14d011e8965347e65e700caed7fd195eff9047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2103
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 1852 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 14:00:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1852 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 1852 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:59:35 GMT
l
www.google.com/ads/measurement/ Frame 1852 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPzgxHhB7mx934i3N4pxfIq6Jt2EmZex1nt7RPCL0oksYVC-xFcOfQZnfH-P7wB1f-1CcG
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0A3B 		611 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk1fMdD0SxMc-aob19DPQQ48V4QvOZPZ8xxyS6baaeeM8kmeFGG-T-j7Xov
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Jun 2021 14:00:47 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 0995 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzwdp6qB_sIXH3zsBakupVQbSKKzjPAd1NEB9XIV2buGvKUXaECBZ-mxoLRZB6rUssqlFDDJvd4_X97kixHc5jVnqgUwKdTZzzaQDMR_jDAP9lWmhXKgG7HDlGM0YQtq3UKmB7LzbQSNkgDZequzbv7JNSzw&dbm_d=AKAmf-CKrnmuzZ7cDtRxeohFrGTdgNDbUzEli0RjZlw7gIM9pVTsFiXWyTqi8K-Tlokqy6LTNd5clnQAzqcZCIMU6BwQ6LSUKRfW3V1ob5QD-o-Ee8Mio7mF9zvkD_Tn1fiByq5NduyicfMHdnoN3ofaytIri9rafSAeDnFO_HKkdXyJKBC2FCasw5dwIU5mQa-HmbaRXerR6CuSDE0vzfRvSQ2KyOprBPDKHXyAbyo9T3ZlD2rZhxZ6My_iTGXxGz9bXw1mmvAhfesRdJp3Gdlhc7rmwKRxxueWhZjb8w3RXnETfgAfsaDCQtycS4bGreP3lYNyKZ9fzafmk3LtN_VzRmVlNSUUstU3v801fR42r9Vxlr3-3fYQeALIZgdGIH8N60RpL0a1NFQlzbtaQGvbTwy8oTT1s13RpOtaebLgHnsooRaoS30Cne5lGFZt7SOXFijoycT40tjoaLgRFhI_7NibTT-mClyhP1tWaxb6uefR-gVqXy9KZQkGj1JzQkR-5VllxLq4NZBTOY3RHMVTukXM68NDC1AVr51toQicZQvB-MbF_l3spP9XOgmXUDSWq5fw0YFyQcltPSyEvAm79-oIFosU2dqconJtaNoTw-QdcSJmshc51ASrvsHWs5hsMFtSta8-21Qi5HRVkmWCSDwzXy2t9aNiQzrza98vHTdCDwWsjeKdNLwIpiCoOsmSkuNLnJsqur-hRzvs_iROzoNF_bs1rX-_OxtXGi7PhuKXVzhrD5tQyZcUr9Z5FzuFPrvsPioKdpzjUWpADtYu4E4jX7xWtD593_Ow1b69t82LGU4B4XHZpuTw4e9SRYD-F_l0fPKiXJhZhhKf1OilYA2qC2kqPeI4iGcx5A1YEvcL-d8WrXgHubtXajbOZEuZK9Tyk0plNzAgqOjE3RYZnytZPiWt4ceGaCTZLGaQ21O1z4IwfCbRVqVt21VWRlyk9bSUt_zMstTrvZe43SSBVR56wUUtOVGc96rlqtSZwmWOHcMdfP52jW1EaGB8IvLjiAmPrRe03U2wnVBDN1rbP02Uv51N1YByfq9FdTBybNJyduqFiMW5LpeX85-r9bTOxzJeVw87MDmQl8n1BUft9vAdy4rjn9IUmftnXGsBsX0TmncOM_IAvncT3zsLhNYbs7QhFc0ujqhWDlZCKeEIJExVNPcX2ixffc-H_pDoJReaco-0JxTjmsfmc3wv4vcO4d_gydQrfr4zeFAtYhTMwCHjI-E49Ih6dEvYuJK5O_XPPBwPnT0iOaCSQUT-WuRifAPrp9-3eLqPM_M6CSuYTfziQyrVGw6NbZhJRSqQutD5Z6Pw_qCky8jO1IQNFyOxaMJmEDuXzJNX-DHpn5lAPdvlhuDOOVIXnJ2giQLhPT-IhbIgTUgrJmSVT-P6j8I95vqv6UxBfemAKizHsxFdJqgQQDJWf_pR5RBoFEIhbqdn_R1HIIBufVq6IU4983haTJSBAW30EefkOC7p7QEnYqyZGLNm6kw2fwg2zupj87cvyYC22XP7kGLqZtxdQd5NgkQIVYFwMdnicykBVKZLyCkgGLui8VYChZeX85anXg0yhsEnPhiqJ6AdHnVSKMi1Tx_kiZgGM6P1C84Po-9AWrvNfP0wwW0MHpwAbw_KLebY78WzLNbtjEiUIdWWg2XjETZj_vOjRYvad6yYCLaLDCs79awBAcSVOjmpgSPcPNWQPz2Jv2wnv7Xh8Tr0ksoMPu_huYpfH-lvZuNEewF_KJ1gACIr_r0IXpbhmrE36vhOZlsHY3dUtlrUoGaVIknaiGIR7a3T2LZLNNDJQghnWXYlTQaE5Jfr1DpWXXHLs1gA5KC9gouKFJDHD6nPHJ8iXkzihMteyJNTsj5OlvQ40ZJ0fhGBmLC-kQEZr_J5XprQXs-NSMvFokTaFp8HF-7ZYFabaYFJBo7IJjz55qQ_USOARo5lYEYrNTvMR8yfyNZWfK2fcUJKz0bDdnC061EuufgUHCySy8XPiglU_Vwl2dKR1Qs-XCExHsZO4ZgGqXGaAhBi1A4QxSwiC15oBFg-opoMbj1_hYVD7BdjzWAFgmTMLbJMtyGA_d3fWYIdiCKdmP6Vf5TL0RJRoD_jnaysoJxfiSaHZmPJu_nfZiIlONQHfXEjsFmogdwI91Wput46WI9CMHpYJn5P6w4i5SNm3BN5ZHa6qHvJi4HXHWJATbHhxOmcKOD4ikHgZL5flwKaunanmTWLgZ_qOtLmKeizZY0KgHcYgDpjpb4H1e7yfX6ZSRRta89PKMyiQ7S54iAUjkCUM9kQ_selzq_DgRsiT4rv4yRzI-oJkHbTy_Apae7hxHR5pu8Spk9lqkhSR52jz0UGvqHJoWc5uPNJlNuncwC9hfuFlnS3IQOBZa2USYuGfOJ_e1tSVajp7f7bRlxS0a_nc0cCEZPiQipwVn5fBBUKSxYuZ0RxoerrhZhECa43AF6DsuVWtg9f95UYK05oYu_4PV8PRVvL9lr1PdR6hr6ux-DWNScwqKo_SGuB2WIS98CSySdTzlgCL8BwjCmWLO-ppT-BHap1UpXob3YemKLCDLx01FCd5ogE2eEmBVCRyv8BjFmnyw5F7E206G11CaZGJ6LCy3ZUEfAgUX5nDffHf2MHk_YuLozTGDlsdIh1Mpu3oEer9ir5ngz6S6KXjx_pXYC1afAVMqHJqyzELNJr0Wujg4a-ngmfEW2g5R7X5-vWPBXKJ6boy26iDWWbgSzXSKuu5BDOg7TZtwDrKd6DIXyqFaLSjsH8V4haAtd3MowciO9eUyGJicRFlwZgHqkBMqJ6o4zDncbp330H-HPEyrlDqh3WC9oGD7I51-2uRyzRESqsAnA7-s7XoMrzT5GWNUVTnrkYUCy06OKB4q4C7RrSOjyyIaL55npfthDUyEF8jxvC5XH32x32CGsldeucX3xfxLQeD_xHtZK2Dk-8m3G4OCAPaud0H7v_ePClMfJZwIkGw6V-XFvV2KdETBJEQ3f61oGdA17PG_D1uPbTEHW0sUgnWJTlDtqRbQ1JE_zA6siNkUyN3SzvH1P-AJgQAxOZwfvtC78COAXQkvsDB0vYjQlQyzJWf0FSL4KRku5YPYdRwXOBc7epiExceH8lIwc&cid=CAASPeRobtqLJMlBv2M9-6Y6e19wl1mIm9_r39wWVryA-uVGUUWRuzGf1H4ritzPXj_UpnyzKfFVHwULzb2cLIA&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e005422c9186f0434fcbd103b83788b47011a7926a7857396a0431dab840b16f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26728
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0995 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfZnV8xWYIbPcScAUb56K-21GZPKASOjo7H09Xdtqvh5JaJJfCIhLh0URehbULbADFHo58JTwDfCNg7xmSh4WYgTMXoQ5-dYkCVzD-c8l_7Je3TCM
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 0995 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 14:00:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0995 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 0995 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:59:35 GMT
l
www.google.com/ads/measurement/ Frame 0995 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFfd3JIKWknOBATCn-tvjSBKV0zEkb8dLt3GbdcoeW469vCl_5odNRIqOJzfJqQjr3CF1v
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame DC33 		170 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY6Yb2ZzAB&v=APEucNWnZPHd3NL3srlFC5qqat9vR0tbDFkV-lATk3DfXvv95JhKQC8y7sAvbSUN13ZButmkzpqIAcqoQVRLTWJSzsYpwCG98g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsm6r92GWmio7WcjwWZmmQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsm6r92GWmio7WcjwWZmmQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY6Yb2ZzAB&v=APEucNWnZPHd3NL3srlFC5qqat9vR0tbDFkV-lATk3DfXvv95JhKQC8y7sAvbSUN13ZButmkzpqIAcqoQVRLTWJSzsYpwCG98g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELsm6r92GWmio7WcjwWZmmQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC33
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY6Yb2ZzAB&v=APEucNWnZPHd3NL3srlFC5qqat9vR0tbDFkV-lATk3DfXvv95JhKQC8y7sAvbSUN13ZButmkzpqIAcqoQVRLTWJSzsYpwCG98g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9DF 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYwez1ZzAB&v=APEucNX-fF6gQ3tlT3QZAFvGuKIdq3c1xJ7tMKNXOUnJBZtxAXy_ybpWEY3vsT2Uqm2IwncGccBFhbBEoJ6oYNnEpZ3AI_oPsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E9DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4_9lQOMjwhiFGxFRDEc1o&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4_9lQOMjwhiFGxFRDEc1o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYwez1ZzAB&v=APEucNX-fF6gQ3tlT3QZAFvGuKIdq3c1xJ7tMKNXOUnJBZtxAXy_ybpWEY3vsT2Uqm2IwncGccBFhbBEoJ6oYNnEpZ3AI_oPsA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4_9lQOMjwhiFGxFRDEc1o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E9DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYwez1ZzAB&v=APEucNX-fF6gQ3tlT3QZAFvGuKIdq3c1xJ7tMKNXOUnJBZtxAXy_ybpWEY3vsT2Uqm2IwncGccBFhbBEoJ6oYNnEpZ3AI_oPsA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 645B 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kpfjf1yp&c=4085239124266&slotId=2042619562133&qqid=CI6_qJWO-fACFcHrdwodeWUCiA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C72811302%2C318491509&nsei=44714510%2C75259405%2C75259407%2C75259408%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2c0f:fb50:4002:806::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 645B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
54661
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:49:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 645B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
106034
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 645B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CXkTHD4-3YM77DcHX3wP5yonACNCS7dVihbuQ988N8u_DisYBEAEgl8DaH2D1lc6B4ASgAYqDlcYByAEFqQI1fWanFK-yPqgDAcgDmwSqBM4BT9ANlqZTqBRfC1KmW6a7mKiO-5JIEQlGsUxsrd0SbfI7DK5o4JI5ctIzxQqnee2c7ulBD1dCc82kzBiGBnHfb-lgmRg_cUNSD7jBMtSQT25J2F5zAAPcmtYTKbo74l04FuMdi5VoUr_R2g0iAT0-r5Wupg7TKBSYbpw7vMZ8OZam_xtgAoRitaq1y5WkZFoMF6hSLRuiFoVT-exMMzlzB0aEfNJT1XuvIYl2AznMV6VZEB2WdfxsIsg83U781YLM1rkLeaeB5sjdRUhv9T_ABM_Ki4jRA-AEA5AGAaAGToAH3vzquQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE5qIvAvIE4K789wD0BMA2BMKiBQE2BQB0BUBgBcB&eventType=clickstring&clientTime=1622642448055&ai=CXkTHD4-3YM77DcHX3wP5yonACNCS7dVihbuQ988N8u_DisYBEAEgl8DaH2D1lc6B4ASgAYqDlcYByAEFqQI1fWanFK-yPqgDAcgDmwSqBM4BT9ANlqZTqBRfC1KmW6a7mKiO-5JIEQlGsUxsrd0SbfI7DK5o4JI5ctIzxQqnee2c7ulBD1dCc82kzBiGBnHfb-lgmRg_cUNSD7jBMtSQT25J2F5zAAPcmtYTKbo74l04FuMdi5VoUr_R2g0iAT0-r5Wupg7TKBSYbpw7vMZ8OZam_xtgAoRitaq1y5WkZFoMF6hSLRuiFoVT-exMMzlzB0aEfNJT1XuvIYl2AznMV6VZEB2WdfxsIsg83U781YLM1rkLeaeB5sjdRUhv9T_ABM_Ki4jRA-AEA5AGAaAGToAH3vzquQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE5qIvAvIE4K789wD0BMA2BMKiBQE2BQB0BUBgBcB
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 645B 		29 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BOOySq2TcznFqvkFc2JaQKETreTQe9GBLfrc1D0cT83sQ-bpdrzNvGo9ZdTQRjWgDNbdspvxTOVcGK7nthvLJ8QYOnsA&dbm_d=AKAmf-B-8Y0ylAa1kN9JzvEQVdbrJQdIVhc8qDFNFlhFHJpvy10SAAhDjI2Yy_9KC0FCjAx4DeRq8sODzXEn3D4xd9-JsmpBY7ZmO9fNQWKYHyWDdkpRYIGAc4IyQqTX5hxOnp-tXBMLPBIfdRG66-cxRk38759uXskmGZaBAjJ-fhoYjJ8dgYo2HlsUixyeN74rgNDCrM1YPhq3WEFYYAXjMu1R4eGrnDKxI_G2f40pLrOj9IcGhi0YTNkJVOBrOnmg8MMmTq8xX3Q_5_N6gy0piAkCLHwo8wq2-UjefDbtQje_Ct3_y-iCWfNhIx8i2dZEW4eMKhzc3EIcHhr_Sv9_l-AIDgJjGTtO1Xo26TJMvTK6dO4Yh-kfXsPGiOmYZ9VYCgVwAvB_cFPtkHIWJSJiTLs24Ps1A6mREmXlhD5dNGdPwegBbUBMBuS1vhBZmzaID8xClk2C452wMHscJi_OBZEhsjz9-d4yCpOm4L4TjrUv8GPm50BwlXbe4pLfQGNKQdFaS-c0fy3jW9NxiPfeZ1fz8FX9QWO3J0C2otg6jf6F6Ld2qaU9LHf4YrMl7Y1h9z94aA3gFB1NgxEuUTCG36QdbaJcF3gKK7PQEeI-1oqwMXXn64YMQJhekkuBGQcVuM0nnfCRqJEsRp1JQwQ2w68r4tOj0bdWHetvebR8Wtlg5-403I_0YomQwzSRImUEjiQ8PwJcFST-LVDabixJwM8UPiarOhz0m_1HNI3a1xf9j1ka9eVpV2fNXrgXJXSr0ON3MIBSVB0tXqTSi0xtozfAKFwuuIkTgBz-LB62xfjcsgXYFjZkX1ylgiULEfHgNw_gOHlbSqubWBX1SNIJKZby6g1yAAKCs5veenIJRLTuroadqyNkbSjU6WvrtYOR9wq5NMvbgDcI9fXReiu63icn2nGJHppCtBrjxhjVlJY1wD69BozpQD4RwIAOR5avjpiZRkbKC8IuWtlBX5q9pweLyYsujHikM4wBrvBM9agebOqY6G45VfhPId3oCU811590gzsAroeRciKqAZc-byIXZvDeTlV6PHbl1vCJ3eBENR_KaI-yk3miaekaXHViwkWHClOD4COcSCtasP1jD5ADgyA4ecTOss71g0QWAtjHnS6MKJuRvaPHAYiGpj6_iXAwLBY9P-YVNryxpFi6NAq76wQn-8COMW7SRoAmsCzVlGIllBOYwtpNoWl1SZiECS56sjYsh4sCTNR1pJOHttK24YZO-1dm_FPO_bPuujP9x5mrRq539j7HvLis5sbCN2PlmYFdG7VXUxl6aKFBKHiny7JkHZ5nDkuaMFnkBMthM3T4HmVAz9j3LsZ8u4DJVMx-hLO5l1VVfvvNF49fRVfTnKpbDwZiqXtuOM2406JjYlmsMGbc0J9vvIq1xkaZtz4Vsq3SXgwMijkwtLbqj2JPtQAAw-n63AjNKN168cytNXkf_JGZ7ueU6GhCzjFO9EDA8X9iRFAE006y3jDEvKCHsXFk4yAk-FGjmd7Xw1US7yC_2Rm2-hoczO6u_Yuw-jC4Tdc_NOrdcBE-dn9hycY68wY36nz2cePwz_zxWVc88bHxgZgrbZOGvLeiSPhrCQiG3xIUWAobx94kZrks2yWcPDzdXHos-KtpTxFsYGlCvLw1uuAA8yPImFcFYQkarmS2d9q17q1K3As9BUCdPXUAcixarK6xvXIAQk7S3Fr-yWjZCjkHKycG7lZbfQSqQ75eI4I3DQMeMgzhwzrW45OWDqrVNYmPa46eiKQV21XcvlkEGk0t-jOj3okiSgwRBJaSHtX7J3mGaUiKAFQAHmK_lSV6Qs8yCwH5HGKUvnoGopE2rl0t8aS3tT3PC2WZKEhg_96T2ymv3WWcUCGx0xd6HRw4njZl7dMfXy60-3mn6reqIXlSs9EaOlfhH9bOKCIP0eedZQesHV4Po0kw0lwibR61F_A_fceCanKn_VVwwutKzLZj4sWaYxNorREizY41_Fb8ZZt8Omth6TvUVmPm_NCk_xjd7uvj6iWYLsdmVjaPIarU9EQe_2IhBTcMT1V8s65wvD0A_rAXxga0YOFaX_vK24cF5MU5clhEDLgueBB6U2V2pkmp1TmP5b-Dxls6pLe-kl360CmS_AR3hDR1hrAjG2YSwTkn0WTxCjZ7piWSsKtKEZ05mMV1DdGvaQwqV1kV4xAsAI3GLuvduKEKNnNsFSyiy5s9DR5awcEIl_wegYV7i7ng88qqV454czhYmdrQYxl7t82H4w1TmbbDuKwusvToarPPbq8tVGFb6K2Rth-cLr-foSNY-g2_r2f9OUAIpcxdQUB3ou0WGSlP5MNe39Jo4hFXEyN6l2r5mN2ObnDAsATnJM-YmNHhtxaurKGmWDxkHBQbT4gqWEpQrji3VT0OGAf-rXFc5OTI5YEVOkIrmXThPqwcgom9C5Jjw2wG_3gIF1A0FG6JmOFJIqk38BYSiHEgvFM0xWs_wZYHySLUGQQtoOmgN5vUAMTwJJnfKqxOcbY7CcSdVCLhLuVMIsrCiQpVYrAUXLBuUXUsEQoc6bre5VxsJGLNruQJbNZx-HpeMbdTD23_alR23tDzJIz0hLx4wDIM7HEhBFpRPLn645KNMxxkC07SkfGDbD_02E95CprH76kfa9veFXvRbINq_KSIU_XEZ-OH7rAy8cv7LX94VXuVSTKz2aZyeqVc0p1XrdBj4sf2d5nzhoKenCEBXa892DcXrtAXHf-tbmTVdA-p0EMIxIKsR-RsdH6DhDbSx4ivkek4Ww0z0hWdyrOK5xykLXOjY4fjJ98MzgoA_5urNWcwJkbQBxiV_rYFOnPznipFdsXQo3-RqSwxgyRUXoZQPgNimweCI-yz6QVB5869eTeRYKGi4yQ3J_zWYZJdNJPpLNjGfwqR4bO0XMPkBSoXX77WgSvj2n3KUvtI551Xk2826l4uWFNmyod8DrlNJEbEaCpl6PSr4jVI9StbMgwXusV_YfbZS_F2SZUjsRZOBRIyxYslc2QBes7hoc_ITuDStnjtYbaQTUjdgocAHdL8V_gmSsd0qaewSIjg_6SUmaOOnGIJGGkiDfwMHLPYMBBZahbpq6IKrbKdaCBxUPT1HzzZVmZa7Ycm1Yax9634yVl88eQxWazxeEzNZYEyfXsj90R6KEWaaz4xFA&cid=CAASPeRoAsLPWE8tyu5qQfWFv1BdxoiBp0JOv7yWfOu4HtKSMrLVa0GtPrXCSNe7DABFqRNqrd-ys4swZqRSqX8&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
cafe /
Resource Hash
210230075609b8e46d45a9ad7d9bebc16812102d08a123d29e54c4344c34548e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13656
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 645B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ccol2D4-3YM77DcHX3wP5yonACNCS7dVihbuQ988N8u_DisYBEAEgl8DaH2D1lc6B4ASgAYqDlcYByAEFqQI1fWanFK-yPqgDAcgDmwSqBMsBT9ANlqZTqBRfC1KmW6a7mKiO-5JIEQlGsUxsrd0SbfI7DK5o4JI5ctIzxQqnee2c7ulBD1dCc82kzBiGBnHfb-lgmRg_cUNSD7jBMtSQT25J2F5zAAPcmtYTKbo74l04FuMdi5VoUr_R2g0iAT0-r5Wupg7TKBSYbpw7vMZ8OZam_xtgAoRitaq1y5WkZFoMF6hSLRuiFoVT-exMMzlzB0aEfNJT1XuvIYl2AznMV_1YiugF55z-5jOyrbly_CFU4BmTQEIu3C1aTFDABM_Ki4jRA-AEA4gF7vTVtzCSBQYIAxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB9786rkCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwoQgek_GOGPlKgB0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDyAsBsBOaiLwLyBOCu_PcA9ATANgTCogUBNgUAdAVAYAXAbIXGgoYCAASFHB1Yi0xMjc0NDE2MzUzNjkzNTk4&sigh=UOUpTu-LqY4&cid=CAQSPwCNIrLMy9oMvbpael0Bqa_6WiAFGBxp1Z2sy4bBnRM_IgBoJmeREjGYzIktQaHdZqu2JzVo69-Xz1GVIalGig&vt=10
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 645B 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d2455414a637829305349c54a1210a7c5dc1e47e9f75980e55335c6744ef6a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 7CBC 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5BEPEjqthHk34nF5QX2uz581X7dxu5Lw8CbeW6jMbAXsPeNOGXBPn4cqhNbXV77FcElPbD-ofyhKvIOSS9ya0sYzzav7GGMkdQgMHWJ4OqlXCcNLOILlW1llgUD87Dl_GRkPH2FFrCTI-F9gAu2dRhTMC8A&cry=1&dbm_d=AKAmf-A2s3d733jS-11j9hhzecqesABuMo7XPndCwz65JfL0hM4ZWjCMjcSnuuW3aT_xPuQHfntKNbRvz3UdD9MM3_yHn59HfsALnbh6KC19-XXKmf8hHc9OvypK1ffY6FmegYIBhl2bfTBNF4hFuPTCwt0YlGnENKAMVM0yGRTzSiZY8zjuYKwIll5MI9Ks5GtHaPC9dln0WHH5g0uF7Ou-3Ot3Xz9KamLa9iNzQosnL32DPvzvp09XcA6THqbA50_7862K1xM9lRQgT3j8dLhN3OezpriCYUMgjJKOuvKSEG_PziNWXdBpfX3Z7sJQ3uD5RJm57d7KdbS-GthT-JVnJcwwN8bDVFXfZqj6_PyZZzv3d7ceOQH0KWeTjbmHDBsfMIMQJ51ESUQPr8DyyYiaLvbgo7zMaI3zS5lN9REeoIPO8LCNOuuNxTgJ3zgnqUmGabSwl9MVBRS5skwNA-oOZ3gOqwRmyFngC29LT1W8zt1ndr0Nlby51sQZK5h8LsVGzuZYWLrhf3esHD_FFx_XnIDZMuKfNLiOb767qTMSI3077ZrS0Fs5EEjwSA3aHbPv28GELFqxDXWXfz-QUV-ueE7WfwryX3gValJEGGqghRf9Eb4bjvWZB5hHfSD7ZOssCptrPMlEcm_maI0rQmcPIxRUT0M1vtG3iJGPqPBJbLcFWRiyO9QZusmvw52_BzMUKYJY0FSmqLsfSJ2jxTz6KiLqex0MbwqRw04dGPKDCl9pVTOoo5SyOZD4KP73vLYhc9Rpcg2tBdmwZ1xCvK1IPjXIHQAtLpmvk7M-Fq1-Le4W5OW67ltfTptw6yYamIZ8QL9WZpc_j1wZhl33ZSVEKrGKS8yUt9uEkWw5YU8oYnBTqQHwhm7VVatn7Plw4xwRUFK1jKkKSmQbe0ogSKZ9VPMMuchxKL6knFShotD00yKb5SBpsF61XNsYa_obioewuKaWqMNo13nllR-utHxKjslLUW6wVrnaWk6cpDzgGjFahN1YfrFSnzsKlPJsT-4DUJitRLBWN_0pNc06kzu3FnsIhmZDzx4nofsl9WbK0TFjdYqI0NznCEuhx3_Pa1h8S2KVnvyVGgICp_dRd7bQIKyYvvluO0_BdHXPgsxJ3pudX7tNX_vMWRr5qERH7qOk1rnX76Ga87W45bZfW9B0xtLvT17L76OUD7Lgxm8XdSR1s-eVERdpu6Eiy8HoKlTJ016MtOO8Tygyn3OXMTQ5gUJLgbPfJRsr_jWTEAJFZKNeWsJoTB35LPj7Db15LJi8DrEmVbB-_84Q1MfvY0vPvglBQ4ACWJcQWhmVQvycShhl0xTJJ35XT-SUEwDKjiulHHPXwAEL_nxaO_8F5nnXJ-5IAsDgE08f5XqrHzvciVE36Gq4eOYdLAmZsVJXobpnid6NKQ7_f0iauklFwzgl8E-LnKw-MsijoBwGD6kDW--lLi9lZuyiR4QQg3uuu0Rtbg7gw197LyVuKwXoGLWoqnJ_2EjO92pHaHGMxy7BZqHf7ZuW--PUlV7sk2Y5jcZquCcHGOHibCNJwxTrg15RVM7P5iWzJkg_Tyqq8oWimGmcSB-8mxCbWD1YluRiwlAOgeGwQOPVfePDFxXV8MbCdTIICdKzbu_A70ZEyr4tsTaVLVUoHjUf5srXiVkRIZjUKkcYeajB8bYKYH1LPzXgF4bdDxkGe1vfZjtebSLAo-_qvG59qjyMzzhw2o_hIP6Al6Nb-1teV-MD67F7JvWVVl__itEuHi7c-ajKwJcAcGvIdiyMjTgK7CPCYgO4g1chBpNnmfm7wyn3v6qG9ZyhgLEy7y5v1bdHZfA7MzXsWPi5IrM1nieiWId2cTxlitnLvVba_ocgqrlz4qwNJ_s--7H0KeYshfWystbUZcrZ-fgwnE7P6S1X2dGNL1Ts2IDjPazX61fyPZNBrdfJNclFFb0zv-p4PvpHnWjEy1SfcPr0BSavnecpXbvwbEDJYvlJ8yYrT8avMzw05ABp7l8pRi8KmJoMrfiQWQSt3zEshBa9y37CkiSc3lQzFDpnH5xRs_Vup_MSf6O-unkUjJJkzHLjktD7VM-pjacu7Nv0HuuYrfDMOs1y2rO-B-KJ33O93uuZnUX5lLHujiFX5x96ZNsbWDy6vPddY8q5AQtEWSbvTmScRGp2hwOYqEfEatzPLwJov4kg92kINjNWBkSz1qMM3quoYsLmIRlIMG8VRJALv9sqHtEKx8_p6OdLk_iD79FSneybr2SQuVpVHRo8-PJG3oIy88R9IKdFU9VqJrKXHBQnSLDi2X5XRvg0O90lmRsO9K56ZcOH-xFXM4laYUtp7QD7uWXYi9EVng6ppUmdFo0NG3Y4G2q9aM_WN2x61hEjGQOazpm07rMR1R4FHCE80ntfbZetu13l6yf25Y7ASF463Hfcbu2oYjLXImdBfdrwLGYPs-r3h7XfM18qRkKs4OMV21mN3WVcdLdpike7f1Wke47hcumVW8w9LtAiuKjTfv1RDaGk0YsQ4c_YBpUZNUtGXY3arowdEesGpvEj1LI-8Zk8AgjMYXxRYU9AltU0pHv9a5Uddn-_cYPISp1qsrx6DtkOl72Gaafkc3rizannY7cGTqWYKw3YmzI-cuKyVp6IC0O59NQ5nywswGDH7LbsTu5qjKDxT88e595p-gin9Ttd-XqHE0xoss74DUNnT4QIFbl9dchWiCuIHSn5jMyXH5zA6SS1xcdrkK93A7KwOX5ywmZcpdKJxIU2vNYz8oWOzzsNeX2Yzcabpus2sbFX-vrrBhvOySZPWd15xhMwt5KSAOGC4xqxvm3ToNSsgN3LxA--VEz60bAGuN2r55538bVWr5xQGIynlOBp-XbNROCpywCUANZDxklu-l1m8U_vcP_ayY7Q8207gvS6cvxX6iGdGFd7t5I9IAHPypn5cylDrQRbQsEzkGACKfopgmAAgSPSnLNzVm6lTNPyRe8wh7UpCsN_0KMD-Et5rypc8SEYBtWdN0xh80yaP8ixT9mKO1NzX5ywhxHRfitxtMI5ekrfKF_9Tc4T3C3ToKxqa-B0dinxocnRwscvpOUMJHVAZT7Gnj0WkL_e8oVFN5hlLQdORGsHZbPuco8UvhUWSFcuXOIRb-iN_CRHkahr7N6uU2Pj4Ta7RCRwkXaEbdpf87L7K-a8nZKMlVDlWoX-AKI1m-AIrhJ6Hs6HTNUBfQjDe_RTdJnZEmABLZk9ovFrQB9iHWIL9g0kkBSyK4yvB-af-qu-MxMbDDfsiNRkVbFxJMazyMS2zgj9IcKyz0XKrXCddU54-8y5MgIRmFRPWnJvx06s0NEjQyrOTeU3R-0U&cid=CAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:50:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7CBC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5BEPEjqthHk34nF5QX2uz581X7dxu5Lw8CbeW6jMbAXsPeNOGXBPn4cqhNbXV77FcElPbD-ofyhKvIOSS9ya0sYzzav7GGMkdQgMHWJ4OqlXCcNLOILlW1llgUD87Dl_GRkPH2FFrCTI-F9gAu2dRhTMC8A&cry=1&dbm_d=AKAmf-A2s3d733jS-11j9hhzecqesABuMo7XPndCwz65JfL0hM4ZWjCMjcSnuuW3aT_xPuQHfntKNbRvz3UdD9MM3_yHn59HfsALnbh6KC19-XXKmf8hHc9OvypK1ffY6FmegYIBhl2bfTBNF4hFuPTCwt0YlGnENKAMVM0yGRTzSiZY8zjuYKwIll5MI9Ks5GtHaPC9dln0WHH5g0uF7Ou-3Ot3Xz9KamLa9iNzQosnL32DPvzvp09XcA6THqbA50_7862K1xM9lRQgT3j8dLhN3OezpriCYUMgjJKOuvKSEG_PziNWXdBpfX3Z7sJQ3uD5RJm57d7KdbS-GthT-JVnJcwwN8bDVFXfZqj6_PyZZzv3d7ceOQH0KWeTjbmHDBsfMIMQJ51ESUQPr8DyyYiaLvbgo7zMaI3zS5lN9REeoIPO8LCNOuuNxTgJ3zgnqUmGabSwl9MVBRS5skwNA-oOZ3gOqwRmyFngC29LT1W8zt1ndr0Nlby51sQZK5h8LsVGzuZYWLrhf3esHD_FFx_XnIDZMuKfNLiOb767qTMSI3077ZrS0Fs5EEjwSA3aHbPv28GELFqxDXWXfz-QUV-ueE7WfwryX3gValJEGGqghRf9Eb4bjvWZB5hHfSD7ZOssCptrPMlEcm_maI0rQmcPIxRUT0M1vtG3iJGPqPBJbLcFWRiyO9QZusmvw52_BzMUKYJY0FSmqLsfSJ2jxTz6KiLqex0MbwqRw04dGPKDCl9pVTOoo5SyOZD4KP73vLYhc9Rpcg2tBdmwZ1xCvK1IPjXIHQAtLpmvk7M-Fq1-Le4W5OW67ltfTptw6yYamIZ8QL9WZpc_j1wZhl33ZSVEKrGKS8yUt9uEkWw5YU8oYnBTqQHwhm7VVatn7Plw4xwRUFK1jKkKSmQbe0ogSKZ9VPMMuchxKL6knFShotD00yKb5SBpsF61XNsYa_obioewuKaWqMNo13nllR-utHxKjslLUW6wVrnaWk6cpDzgGjFahN1YfrFSnzsKlPJsT-4DUJitRLBWN_0pNc06kzu3FnsIhmZDzx4nofsl9WbK0TFjdYqI0NznCEuhx3_Pa1h8S2KVnvyVGgICp_dRd7bQIKyYvvluO0_BdHXPgsxJ3pudX7tNX_vMWRr5qERH7qOk1rnX76Ga87W45bZfW9B0xtLvT17L76OUD7Lgxm8XdSR1s-eVERdpu6Eiy8HoKlTJ016MtOO8Tygyn3OXMTQ5gUJLgbPfJRsr_jWTEAJFZKNeWsJoTB35LPj7Db15LJi8DrEmVbB-_84Q1MfvY0vPvglBQ4ACWJcQWhmVQvycShhl0xTJJ35XT-SUEwDKjiulHHPXwAEL_nxaO_8F5nnXJ-5IAsDgE08f5XqrHzvciVE36Gq4eOYdLAmZsVJXobpnid6NKQ7_f0iauklFwzgl8E-LnKw-MsijoBwGD6kDW--lLi9lZuyiR4QQg3uuu0Rtbg7gw197LyVuKwXoGLWoqnJ_2EjO92pHaHGMxy7BZqHf7ZuW--PUlV7sk2Y5jcZquCcHGOHibCNJwxTrg15RVM7P5iWzJkg_Tyqq8oWimGmcSB-8mxCbWD1YluRiwlAOgeGwQOPVfePDFxXV8MbCdTIICdKzbu_A70ZEyr4tsTaVLVUoHjUf5srXiVkRIZjUKkcYeajB8bYKYH1LPzXgF4bdDxkGe1vfZjtebSLAo-_qvG59qjyMzzhw2o_hIP6Al6Nb-1teV-MD67F7JvWVVl__itEuHi7c-ajKwJcAcGvIdiyMjTgK7CPCYgO4g1chBpNnmfm7wyn3v6qG9ZyhgLEy7y5v1bdHZfA7MzXsWPi5IrM1nieiWId2cTxlitnLvVba_ocgqrlz4qwNJ_s--7H0KeYshfWystbUZcrZ-fgwnE7P6S1X2dGNL1Ts2IDjPazX61fyPZNBrdfJNclFFb0zv-p4PvpHnWjEy1SfcPr0BSavnecpXbvwbEDJYvlJ8yYrT8avMzw05ABp7l8pRi8KmJoMrfiQWQSt3zEshBa9y37CkiSc3lQzFDpnH5xRs_Vup_MSf6O-unkUjJJkzHLjktD7VM-pjacu7Nv0HuuYrfDMOs1y2rO-B-KJ33O93uuZnUX5lLHujiFX5x96ZNsbWDy6vPddY8q5AQtEWSbvTmScRGp2hwOYqEfEatzPLwJov4kg92kINjNWBkSz1qMM3quoYsLmIRlIMG8VRJALv9sqHtEKx8_p6OdLk_iD79FSneybr2SQuVpVHRo8-PJG3oIy88R9IKdFU9VqJrKXHBQnSLDi2X5XRvg0O90lmRsO9K56ZcOH-xFXM4laYUtp7QD7uWXYi9EVng6ppUmdFo0NG3Y4G2q9aM_WN2x61hEjGQOazpm07rMR1R4FHCE80ntfbZetu13l6yf25Y7ASF463Hfcbu2oYjLXImdBfdrwLGYPs-r3h7XfM18qRkKs4OMV21mN3WVcdLdpike7f1Wke47hcumVW8w9LtAiuKjTfv1RDaGk0YsQ4c_YBpUZNUtGXY3arowdEesGpvEj1LI-8Zk8AgjMYXxRYU9AltU0pHv9a5Uddn-_cYPISp1qsrx6DtkOl72Gaafkc3rizannY7cGTqWYKw3YmzI-cuKyVp6IC0O59NQ5nywswGDH7LbsTu5qjKDxT88e595p-gin9Ttd-XqHE0xoss74DUNnT4QIFbl9dchWiCuIHSn5jMyXH5zA6SS1xcdrkK93A7KwOX5ywmZcpdKJxIU2vNYz8oWOzzsNeX2Yzcabpus2sbFX-vrrBhvOySZPWd15xhMwt5KSAOGC4xqxvm3ToNSsgN3LxA--VEz60bAGuN2r55538bVWr5xQGIynlOBp-XbNROCpywCUANZDxklu-l1m8U_vcP_ayY7Q8207gvS6cvxX6iGdGFd7t5I9IAHPypn5cylDrQRbQsEzkGACKfopgmAAgSPSnLNzVm6lTNPyRe8wh7UpCsN_0KMD-Et5rypc8SEYBtWdN0xh80yaP8ixT9mKO1NzX5ywhxHRfitxtMI5ekrfKF_9Tc4T3C3ToKxqa-B0dinxocnRwscvpOUMJHVAZT7Gnj0WkL_e8oVFN5hlLQdORGsHZbPuco8UvhUWSFcuXOIRb-iN_CRHkahr7N6uU2Pj4Ta7RCRwkXaEbdpf87L7K-a8nZKMlVDlWoX-AKI1m-AIrhJ6Hs6HTNUBfQjDe_RTdJnZEmABLZk9ovFrQB9iHWIL9g0kkBSyK4yvB-af-qu-MxMbDDfsiNRkVbFxJMazyMS2zgj9IcKyz0XKrXCddU54-8y5MgIRmFRPWnJvx06s0NEjQyrOTeU3R-0U&cid=CAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46787
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame C0E3 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CT8fYkdfiY4QZsjqeXjdvVsi3K4y-pSbsYAoUDgztdJYFkKeFo-C8rB2RA2F1_CiXSE9OvSODBn-baxmQLinVDI4ZwzSZOtbbpr1_LaC_l_wGS97rkF2oTX7kOB1v5kLUUwFV_O2IEydLUm3jd7qEXmvE9yg&cry=1&dbm_d=AKAmf-CpPYyLYMQ1MOB48yHSKfpi2VbHVpR2AhemEnSrVuW4XiRjeos3JyZiP-KAVLZH-5NmDJBPc77z_NPsKTa2waO0lJL3wMTng-qWL8O2t4YnsBi5MsBpZv5Jl55sxXi3uAidXJRRpGwpm2MT2x0AcyGLNdDfEjC966E37gNKuoBtDXpHNf6oHwCP-VsQaS3JtZgaGCUwuvOgQWXw72YJCK2pw0ebz27QiUT2S7QDxatfM6cJHJbs5iq2gigbFolGUgehuxd8KBOHzB5khXuuIJeAuEJUxOZkqfr6M-D7AUXjJXo22j7i0NBmIWqhiApGCVHBDqoMUqj0uRaEKtefHaoXQ6Embyl4ICNprUy_30UC1dFkV_jbQmJoNswzizQ3OWhtz34O9lo3MvTzjFQ4lLDmPOVyP1N1O6p4NLzYxlRurihZ1u7nBjEMduJ9kTygmcnipGzVuZ6kChhQI3_CEgyT9M7n9aPVvI5ZzWw1WsC403jGNvyG7XpCy68kpS68bTIsmWiWBTXJK3oTxThu-d8OXavoKNmoOwVxnw6NtWU0ovP9gBI6XUrUOS3F1GKy95xdEPovydaPiVMQxOx37a0RDFdA1YDVqbybq-fBSCBaSoWJk3fNDtXH-Y2iTBnk5Go8jpTw49zSDexTwkL56a9bmk_9XBmNQHbYWdKE7NTkzeaZZkBVB2AEgRsvYVqhNQSzubRM0i1xPVYEHxe3Ff-cX_fVij7Jt_l0m6NOYgsOdNsj12_2j-SzLWskNQQdLzseETWgLuw9GZBLQ4E5f3_YUEuA3fUd_yagjvbKU4PvvYrkBZWIP-cjFZE6xCOAdYbemeS6Vti2GEmNmcgNcworluJvPgzEd5BO_mQ-gOCBNNcP1MyZwkZg7uB_utGuKL5W1ZsnpCJZKH3UWOKqVcF-GtS4k8hrl0yvoRNuicIA3dSjWt1apT7O0375tIcsMdoXAQ3jdHFT7HbzqYAx_ERKfHrubOM8DYAaby_Du_vEmGwX6vfT_077-_i19ImebsAlv3ecMHXwoagS_KA1chUiuK6YganTCFQOI3SdTqno4klTeXXflaByG6Fq5tni5Yoy15knmTHIvEoos2CvYzAwoWUR2HNmHRPmEPXWBGw99-86tSWfLm-foTnrJ2XGO34yci16EL2aLNuQNpkpIlRX-yfrVS4PwWeTwU1K9OU7ZREMXWyszfPChcKF0mB8wOBo74usAcdHjOHR-JtCzNljjm13jUTyls0fbhA2DfRFjeUFDC2NKPEnSfzuJ_6RUul7uQxAr77thZM4LdPpfuK1FhfIrba6b_srE6u05p6f-QOQFuhhmkSWgzKrzW4aGPeM5uuXDOTRZnXKwnNymhMiyK3xQfUJYDV_Navc1OrlpnULZFFfXGybvyWiEotbGCr-YBj5iYwIUs3USs3Kr9-DfvvTIhla5yZNGS4xKXFR9wghnRwRzR3Spl9pW8zi6FP1aRdfb8AT_iP1RgMK8xfRXFEslotMhEtBzzCsg6LyQkry4wyLbc1GCKHXxEozh5AlttzSesJSuPvUTzF1A-m33s3VOrZNDPmtyK9i3yTqqe8zxnHTnA8b1b81c6LjxYZmX3M9UAQGec5nhjXggehDE9UbLaAOPTrGuiNHz4bbp_fj_LwjNJgMtp79U1sNZXRVqTf-n1DKG1luG9GHvElxdl_597z3Ir2DBFsCsUCfs45MrL9kIsVHjxpesU4hSW6eQu79udVw6MQl1H888hVlIhowzZwZRruFFR35-IDqMUhN1_X7qDFpjrzeNWc0QMODsLZ0Ez6JUTM3SXjt7J_kuv0EsI58K6YdujyuO3ZCElr5VVAlPaWnmO1iOuU6hxlBwAo3WkLt-J9EIB-_8GfYcWasMA-AJntPRfB13bu0Fy9wUxXHwLTyLu1w-LAUa-qqvpC7RUe4aB1cFKRdUzuk4y2smtAknXZXghiSca4JfjtCxXy4-vIG4PClN6wIzieDe8majufRV2Qf0hwg7M9UBwzoON6k2q_3BbvG4mATRGz5JP4omD_eB70bRFj_PNefIA-igwLzhoU7Q-2nHTtrp4HB3U1rrf2pwDVFUGoxXCTb1nX1ba5w5tqNoqh2pAOfJp-A8n7aTXhDMR4sNQ7_PZHN24HZp-gD1yEyS_bj8MxWUKt0GlCKYd7XNqzOQFV2JQ2rCYWTR5bf8V7v7FFb7XQuy_vYMFvEniM8hlJ75-oMwf6YdPaAXNbqCC-ia9cAuRJlKYXHwunaAceChAoL8_Gqau_pIBikr5nhrGoV351roAXsqGSkAUbDtCnWHCBkojr9bF8H9S_ooP0Q2VHncwDT6icK19PyKp_jUCi4Q03XuA-Y5SDaYIb23-N2QN10a_8SjIGAqs392uCmA5oFeIZFRert3wBPTtGTw5492GGWXqEPaoFUing1fAq7Lemz2kZ79REdetvYkodd7JqIqOQ8EqslbcF-lu74ufMUaR1hD3IHqQzOpjYOCPcQehEUFONyB31sAjdgkpxAkCe4VTTLDMxU2i_vV_Yp5kgnBymM6P04NUv3NRYpaeyPbPfpVsh8ayV1sU-cTa0a74ZQjyNGvI0YT2CC2l492B-Z2jEeEYdS5067nGAsIKMS91sF-WlBP7gvPX5kFDPeckN6PxuzTgsADXsTE8LPvGgLTbmJco7tZ7yLlIRcOvnPGh1bUbn7G4vlkIn6qGuUoP6FGcDOwp8nItLVr8pEjEknnZzwJuqZ8ds7DmBs79UImq5yNSYw02qPbRWzn4Hozez960j2qTaHlIeMrR1fkKkcVjnyqmz9IGDriFPpvv18j764kgx05TpHp8STVcup4GpNYR-NzYpFQRy4MP4dZishvUfjHH-UNcbQP6y562mMCy8-EVumGUEl3v2maOvMhTPG2n6TDT9C2XJKc2xfxn-E8YPyu-UXJ8JlSzy1OmCQptBbVaaaMlj7YbgP7iutK_X7c8_1r-nDiZ4wtfnvdhy3YirCqbbIDnINMzyigTK9pBgwbiMGnWx-_yEux_DhxPX5Hp9psRj1cg-m-yFHSuFof-9h7pJBY59j2uxh5LD3tv5G00RpHpteS-1C1Lt4iROaV93m2jRNWfXgSBkLP1xNNJEXGdS6NK7Pa5BwWTU4STyebmjBj9AQ8FoXvbgdTen2uZ0Gaho_RQ1JfSBISIkQHINAZ7aiLG2y5qWs6RSqfSob95d7lMhf8WuJqnEYvIzaV2QjHhnw_9_h7y-r84w9bS_r_yXjaOBgXENdm9X9u5xrepSg0zWbVwL9zjfSzx7evBvejufpQNYJf1e2NaW_fk-0-GzD6560UMDb7DezOaHfmUU8&cid=CAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:50:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C0E3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CT8fYkdfiY4QZsjqeXjdvVsi3K4y-pSbsYAoUDgztdJYFkKeFo-C8rB2RA2F1_CiXSE9OvSODBn-baxmQLinVDI4ZwzSZOtbbpr1_LaC_l_wGS97rkF2oTX7kOB1v5kLUUwFV_O2IEydLUm3jd7qEXmvE9yg&cry=1&dbm_d=AKAmf-CpPYyLYMQ1MOB48yHSKfpi2VbHVpR2AhemEnSrVuW4XiRjeos3JyZiP-KAVLZH-5NmDJBPc77z_NPsKTa2waO0lJL3wMTng-qWL8O2t4YnsBi5MsBpZv5Jl55sxXi3uAidXJRRpGwpm2MT2x0AcyGLNdDfEjC966E37gNKuoBtDXpHNf6oHwCP-VsQaS3JtZgaGCUwuvOgQWXw72YJCK2pw0ebz27QiUT2S7QDxatfM6cJHJbs5iq2gigbFolGUgehuxd8KBOHzB5khXuuIJeAuEJUxOZkqfr6M-D7AUXjJXo22j7i0NBmIWqhiApGCVHBDqoMUqj0uRaEKtefHaoXQ6Embyl4ICNprUy_30UC1dFkV_jbQmJoNswzizQ3OWhtz34O9lo3MvTzjFQ4lLDmPOVyP1N1O6p4NLzYxlRurihZ1u7nBjEMduJ9kTygmcnipGzVuZ6kChhQI3_CEgyT9M7n9aPVvI5ZzWw1WsC403jGNvyG7XpCy68kpS68bTIsmWiWBTXJK3oTxThu-d8OXavoKNmoOwVxnw6NtWU0ovP9gBI6XUrUOS3F1GKy95xdEPovydaPiVMQxOx37a0RDFdA1YDVqbybq-fBSCBaSoWJk3fNDtXH-Y2iTBnk5Go8jpTw49zSDexTwkL56a9bmk_9XBmNQHbYWdKE7NTkzeaZZkBVB2AEgRsvYVqhNQSzubRM0i1xPVYEHxe3Ff-cX_fVij7Jt_l0m6NOYgsOdNsj12_2j-SzLWskNQQdLzseETWgLuw9GZBLQ4E5f3_YUEuA3fUd_yagjvbKU4PvvYrkBZWIP-cjFZE6xCOAdYbemeS6Vti2GEmNmcgNcworluJvPgzEd5BO_mQ-gOCBNNcP1MyZwkZg7uB_utGuKL5W1ZsnpCJZKH3UWOKqVcF-GtS4k8hrl0yvoRNuicIA3dSjWt1apT7O0375tIcsMdoXAQ3jdHFT7HbzqYAx_ERKfHrubOM8DYAaby_Du_vEmGwX6vfT_077-_i19ImebsAlv3ecMHXwoagS_KA1chUiuK6YganTCFQOI3SdTqno4klTeXXflaByG6Fq5tni5Yoy15knmTHIvEoos2CvYzAwoWUR2HNmHRPmEPXWBGw99-86tSWfLm-foTnrJ2XGO34yci16EL2aLNuQNpkpIlRX-yfrVS4PwWeTwU1K9OU7ZREMXWyszfPChcKF0mB8wOBo74usAcdHjOHR-JtCzNljjm13jUTyls0fbhA2DfRFjeUFDC2NKPEnSfzuJ_6RUul7uQxAr77thZM4LdPpfuK1FhfIrba6b_srE6u05p6f-QOQFuhhmkSWgzKrzW4aGPeM5uuXDOTRZnXKwnNymhMiyK3xQfUJYDV_Navc1OrlpnULZFFfXGybvyWiEotbGCr-YBj5iYwIUs3USs3Kr9-DfvvTIhla5yZNGS4xKXFR9wghnRwRzR3Spl9pW8zi6FP1aRdfb8AT_iP1RgMK8xfRXFEslotMhEtBzzCsg6LyQkry4wyLbc1GCKHXxEozh5AlttzSesJSuPvUTzF1A-m33s3VOrZNDPmtyK9i3yTqqe8zxnHTnA8b1b81c6LjxYZmX3M9UAQGec5nhjXggehDE9UbLaAOPTrGuiNHz4bbp_fj_LwjNJgMtp79U1sNZXRVqTf-n1DKG1luG9GHvElxdl_597z3Ir2DBFsCsUCfs45MrL9kIsVHjxpesU4hSW6eQu79udVw6MQl1H888hVlIhowzZwZRruFFR35-IDqMUhN1_X7qDFpjrzeNWc0QMODsLZ0Ez6JUTM3SXjt7J_kuv0EsI58K6YdujyuO3ZCElr5VVAlPaWnmO1iOuU6hxlBwAo3WkLt-J9EIB-_8GfYcWasMA-AJntPRfB13bu0Fy9wUxXHwLTyLu1w-LAUa-qqvpC7RUe4aB1cFKRdUzuk4y2smtAknXZXghiSca4JfjtCxXy4-vIG4PClN6wIzieDe8majufRV2Qf0hwg7M9UBwzoON6k2q_3BbvG4mATRGz5JP4omD_eB70bRFj_PNefIA-igwLzhoU7Q-2nHTtrp4HB3U1rrf2pwDVFUGoxXCTb1nX1ba5w5tqNoqh2pAOfJp-A8n7aTXhDMR4sNQ7_PZHN24HZp-gD1yEyS_bj8MxWUKt0GlCKYd7XNqzOQFV2JQ2rCYWTR5bf8V7v7FFb7XQuy_vYMFvEniM8hlJ75-oMwf6YdPaAXNbqCC-ia9cAuRJlKYXHwunaAceChAoL8_Gqau_pIBikr5nhrGoV351roAXsqGSkAUbDtCnWHCBkojr9bF8H9S_ooP0Q2VHncwDT6icK19PyKp_jUCi4Q03XuA-Y5SDaYIb23-N2QN10a_8SjIGAqs392uCmA5oFeIZFRert3wBPTtGTw5492GGWXqEPaoFUing1fAq7Lemz2kZ79REdetvYkodd7JqIqOQ8EqslbcF-lu74ufMUaR1hD3IHqQzOpjYOCPcQehEUFONyB31sAjdgkpxAkCe4VTTLDMxU2i_vV_Yp5kgnBymM6P04NUv3NRYpaeyPbPfpVsh8ayV1sU-cTa0a74ZQjyNGvI0YT2CC2l492B-Z2jEeEYdS5067nGAsIKMS91sF-WlBP7gvPX5kFDPeckN6PxuzTgsADXsTE8LPvGgLTbmJco7tZ7yLlIRcOvnPGh1bUbn7G4vlkIn6qGuUoP6FGcDOwp8nItLVr8pEjEknnZzwJuqZ8ds7DmBs79UImq5yNSYw02qPbRWzn4Hozez960j2qTaHlIeMrR1fkKkcVjnyqmz9IGDriFPpvv18j764kgx05TpHp8STVcup4GpNYR-NzYpFQRy4MP4dZishvUfjHH-UNcbQP6y562mMCy8-EVumGUEl3v2maOvMhTPG2n6TDT9C2XJKc2xfxn-E8YPyu-UXJ8JlSzy1OmCQptBbVaaaMlj7YbgP7iutK_X7c8_1r-nDiZ4wtfnvdhy3YirCqbbIDnINMzyigTK9pBgwbiMGnWx-_yEux_DhxPX5Hp9psRj1cg-m-yFHSuFof-9h7pJBY59j2uxh5LD3tv5G00RpHpteS-1C1Lt4iROaV93m2jRNWfXgSBkLP1xNNJEXGdS6NK7Pa5BwWTU4STyebmjBj9AQ8FoXvbgdTen2uZ0Gaho_RQ1JfSBISIkQHINAZ7aiLG2y5qWs6RSqfSob95d7lMhf8WuJqnEYvIzaV2QjHhnw_9_h7y-r84w9bS_r_yXjaOBgXENdm9X9u5xrepSg0zWbVwL9zjfSzx7evBvejufpQNYJf1e2NaW_fk-0-GzD6560UMDb7DezOaHfmUU8&cid=CAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46787
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame CBC7 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARp9siHi9ZUqERavdOKF7yKcS0KPLq-y4Jft6REXJJPeY2KD9cuGgnj8vShnn0EZ5FcBJss-ha6Kg3Q9YtpEtPQYH2K800NI_AuOTGhVoN2JdTlwuc29f1x4EMGSiS7c9K3af-a2QbqdJL1UgmzDMOuAbPYw&dbm_d=AKAmf-AWw-kor3zhZ0XBsj4wpTnq6-WQHq0LmVK2314VMMpN4aa-rL95t-YOU_HdRrR0D9cOgamFYmjvoRGjC-WpDSi0kXsOcjpzuJlayAFE43TcSrT3lssrPnHgoSaNY7d7OY0Co4YbcVSB8jlOQsFWZIrj5jIb0K_Y9t-q1A1IMGvB6C7iT2vXYx3ptrdpASHahdy1glmN4wdPxWGkT8uksMQjWRK4sFUIFaRgvsBBJZ8z5YHmzhLhRHqiEnhzJO_jQy9K_801MU7JqSbk0Bzk1L6F7N67FbhCwssT0EdGXGgIoxefwhoZj4GeSfjJLnUpai2SD18Xn68ayAKhfGaHwTAk_CNOJJhBKihSLYiRrbMQBXo8FW9WfOvqZCvzB1QkfdQujXRwDH1TFjvlsTS57UVkDVcag94ibw2_6wbClXcTG3jurVqcR22xsc9XbQi_lPhArRON6U9PJwWZcZC14HsvhrNey9PWtOBXBAwC6BFwVDgn4sGO9CG0M6GwQOv340DIoMUH7hLGmt8mFTnVpLe4cCXktYLLIc4MiHiSWD-EQ8CN5f3RjR1IyvwXSi94ji0qb1kBmLDPkBpECINsHidhdJwPY4ttzssKGbGL-ZiiwCOIpNgZZMsZtDbeKRWeXYBdN54StrDKqM4lSWcsyeSLloXK6GzFMikXDiOezdoVm7idAG2Lg9o9N0cqPQuHZzxjFftF4693frJNTvI3cFeNrhFCAAEl9S8oKwQgUhWUkOktHT5nXvSABghTHg8fptfIdQMw7O7pu-fVeb5d2tyxNYO35YHAoVu3e41P7wn3gfBtuc8rw16ODTKx6gw37a0SSPF7jaHR3nDKSKh_fGj-w2BkUCjYQhkgrS6ZMzEX7_dUn1vtg5WghBYp_t9hgBus1ww9TvXUC6YzkJXZmQYVBv_SBAyaHHWi5Syn7RIU4WhIczmP3ny9DvMlMtYh-p4uAH7ItbamhcX-ZBSIoxfKyQQKS0_LxR7SN2W6g6XEtfx5QZDs_AR3W8nZ85O4Ph83CQ68Gp4bIZsKvHhtKvHfJ8PXmWA4Kz5oYgLuzw37G29-exr78l_TGaaoJkKyORlvLZvLt2kPCShubCKdk3_y56F2o7cw5IvKreb1PmSeL-otV4LGn_PWYQG0gq4SINcmExTOQle5AYJrblTewFvjYwEp0jI9fxBq9te6io-cp6VgWvQens3BQ7clQNN-Q9IRHYlngOeYilkm37uLXP6qU5nEF9cP2lta54Acq-yzpwjxJg0QAHLi95VjmREv0NfvXl36y6kAmGXso7ks7jdzJjZMnTZgg2CBVXQS9cFdebgtrHyjg7dPAT7jGZn-VDOqNzJLnl2cap8xj7Wg8BU53OVSnHrIvkiDwUtkx7CO_s71MTZpA7BCI_fyRg-tVPZUzhA4LXn2TIuIw5aRTPF7d8Is7_uPIYQUepPsH1hAVuwbBKKsxa_qphFsg91roCEKnvq8erk2DJKfmjcV8hrxdl4Aa2J7TmtHzr0qgd3HsNWtCExU3xNACcNCXX9xLNY0Q_7uS72qekPTNDPPwFhM_eWyIwZKqNSwJ3jVAk8e42z9kt9rmjBUX8y-PbO18a1rZm1QzEif4rfHqaQ1bQeb3l1TkuuBy7-79m6M8_IVZ2-yKUCOvR6WORNoqYZyfDvw4O9GJIi88LjuShsHsZ-oCiHcogN3tnfDkuf2ghYgAAOc7Yw-dkCLWydw_TbPFMKHtwnFCZWf5VDKaHx3kaZcnWt7Xx4O7ylaTzTIW32wiRT0ifxXeQBaWaZ6jnNdFjI_lfzPYk2nY0N2OYEtjHDXsI5_YnPw-KUZmeIZ3XOGlSLClKga1GoYXmFoXAYPlPDv4GOltYnfFE0UboOSjIfppmwKLURp3ebu_DhP0puf-n-_46b_m7W0Ntkv4tCwtl3N5_jWXhtdwBKMWu-fNXzP9ZFEUmdtckkHXL8PY-u6WTHtwVYfX6SXS0M69P0rfN9tYfe8dr24VDbi7KU2KvyWNmd685TsP90shMKmLJqBM8PjPIyieHRjYyE95LbiyPzm21aTOVF6V72Oj02CgtTBvspUyo_rktDimUNaK5wSmSjrmO4vbJuGMhkqGs9F4DbFlrwyjD-tz34zBL9XXLn8Uu2Jhz9az_dkH5ui_aOBSX_xwOX38McMuoGhOFkfr89c5LfszrOuTqeIIPOHL_pLYrhapi8GlKlE6RO_OKo371QNTndIiCzceLZBlDLRanfEaUXnfw0CvUnqi82XBuRwLM18VsePbJC5h46YbE6qKg6E59CSdFSEY3ds2QPWNRnBKyULFhwUH32G60L8zRwnB9_Dt7OPIPaXGqiLz9w2fsHU7KU5ym0yz3P7zBdtX3UYMwZ95hlWmNf6hS1imSx3KSY4ftpbNH_VO0oC0s4X5wvSDSufP_I-E_6aBGp-jRK6NwfNFMO8vIvgzF5wcQ5dHxsASwR6NZIL92AdRnIfNJ2J9Of7YN0-MRolqpI0tOSRJ0NSgJri3GwLrqzCF6V2jPwM4d8jDPj0PvIvdSYnnEtfHd1-vZiOsmhOrbYj4An4uPDlfbwFhRTspUPO7VosV_JInN09yFbLKpfzoHur4ym4YaDmGEGkaduicr1kMXCPvIMWR6eJiO9omSar5mkODXTK8rAYzkSaZw_4KIU3BI8PU3GHKiYj35fXwK3VxNR9KHA7f8pgS_KVE1Wr99Ixi6fKSGOrLzNK3Qn8MKiY9ERz6RR1hSc1DQ_1wZpKrkI-_5RuDZx7ugngfpWrQ0aMejLIusQ6ER7xIE_HoF9Lj-oMXKukbidI5A2MIT0yTPZunrxhefl6I-NEWYlZ8htdB-UAKco0bTW-rIXsNcgpTaUFpK5QRyUcSXg_xQkyZHxk-E32gZv_-dp9XlGLehe5feUmjXe12v6P7YxCRhtV5BA_gtcBeo82HDn3mLKvwwa7lb_rkGmYKspROl_60mz5s0jocY6CIo9cL_jCkolSbMOZIp6QvddCQn4O5umnJPuBs0SUbuRC0PpMWzOjTv3gMdajpMA138t0yMRWOVm-tq2bdcmq06kyX9zx4I4LEwCWVeNUWmdYAe4rZ4sWeKr9OYa-L1MD3SYHw1ElPhyuwFZ1k8mSrarQjvnIYCR4Qt9K5Th3gwJR0YQ0WsfbNE5lcCCBHx8wEWvheaIqmMDvHod3DKFcIUNPjnHsf1FiApVrp1CA_WicWsr-ltYn7sxJ80qyL67flxKyw3R-i685qceqt0kYAQccVBjklR5gVLWWv6jpxeCaYlWjdsRQpGtObLSffW9iOfNXEVXm5JLAeONlpoJ-rUTAGdDy2nA0Hyy67JuCbnuKYyUiE1TUh9gygWjDzNwJGb29-9pRIqpPG4HLEw5ocd1g-7QCvwdjKUAmJOXKkPeGfGc3gIYdVqPxrAXN4f5SeXTx8C8Hwd-Ef8eEGS5MHQAsrfC6Vn-R4AwCT2h9&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:50:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CBC7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARp9siHi9ZUqERavdOKF7yKcS0KPLq-y4Jft6REXJJPeY2KD9cuGgnj8vShnn0EZ5FcBJss-ha6Kg3Q9YtpEtPQYH2K800NI_AuOTGhVoN2JdTlwuc29f1x4EMGSiS7c9K3af-a2QbqdJL1UgmzDMOuAbPYw&dbm_d=AKAmf-AWw-kor3zhZ0XBsj4wpTnq6-WQHq0LmVK2314VMMpN4aa-rL95t-YOU_HdRrR0D9cOgamFYmjvoRGjC-WpDSi0kXsOcjpzuJlayAFE43TcSrT3lssrPnHgoSaNY7d7OY0Co4YbcVSB8jlOQsFWZIrj5jIb0K_Y9t-q1A1IMGvB6C7iT2vXYx3ptrdpASHahdy1glmN4wdPxWGkT8uksMQjWRK4sFUIFaRgvsBBJZ8z5YHmzhLhRHqiEnhzJO_jQy9K_801MU7JqSbk0Bzk1L6F7N67FbhCwssT0EdGXGgIoxefwhoZj4GeSfjJLnUpai2SD18Xn68ayAKhfGaHwTAk_CNOJJhBKihSLYiRrbMQBXo8FW9WfOvqZCvzB1QkfdQujXRwDH1TFjvlsTS57UVkDVcag94ibw2_6wbClXcTG3jurVqcR22xsc9XbQi_lPhArRON6U9PJwWZcZC14HsvhrNey9PWtOBXBAwC6BFwVDgn4sGO9CG0M6GwQOv340DIoMUH7hLGmt8mFTnVpLe4cCXktYLLIc4MiHiSWD-EQ8CN5f3RjR1IyvwXSi94ji0qb1kBmLDPkBpECINsHidhdJwPY4ttzssKGbGL-ZiiwCOIpNgZZMsZtDbeKRWeXYBdN54StrDKqM4lSWcsyeSLloXK6GzFMikXDiOezdoVm7idAG2Lg9o9N0cqPQuHZzxjFftF4693frJNTvI3cFeNrhFCAAEl9S8oKwQgUhWUkOktHT5nXvSABghTHg8fptfIdQMw7O7pu-fVeb5d2tyxNYO35YHAoVu3e41P7wn3gfBtuc8rw16ODTKx6gw37a0SSPF7jaHR3nDKSKh_fGj-w2BkUCjYQhkgrS6ZMzEX7_dUn1vtg5WghBYp_t9hgBus1ww9TvXUC6YzkJXZmQYVBv_SBAyaHHWi5Syn7RIU4WhIczmP3ny9DvMlMtYh-p4uAH7ItbamhcX-ZBSIoxfKyQQKS0_LxR7SN2W6g6XEtfx5QZDs_AR3W8nZ85O4Ph83CQ68Gp4bIZsKvHhtKvHfJ8PXmWA4Kz5oYgLuzw37G29-exr78l_TGaaoJkKyORlvLZvLt2kPCShubCKdk3_y56F2o7cw5IvKreb1PmSeL-otV4LGn_PWYQG0gq4SINcmExTOQle5AYJrblTewFvjYwEp0jI9fxBq9te6io-cp6VgWvQens3BQ7clQNN-Q9IRHYlngOeYilkm37uLXP6qU5nEF9cP2lta54Acq-yzpwjxJg0QAHLi95VjmREv0NfvXl36y6kAmGXso7ks7jdzJjZMnTZgg2CBVXQS9cFdebgtrHyjg7dPAT7jGZn-VDOqNzJLnl2cap8xj7Wg8BU53OVSnHrIvkiDwUtkx7CO_s71MTZpA7BCI_fyRg-tVPZUzhA4LXn2TIuIw5aRTPF7d8Is7_uPIYQUepPsH1hAVuwbBKKsxa_qphFsg91roCEKnvq8erk2DJKfmjcV8hrxdl4Aa2J7TmtHzr0qgd3HsNWtCExU3xNACcNCXX9xLNY0Q_7uS72qekPTNDPPwFhM_eWyIwZKqNSwJ3jVAk8e42z9kt9rmjBUX8y-PbO18a1rZm1QzEif4rfHqaQ1bQeb3l1TkuuBy7-79m6M8_IVZ2-yKUCOvR6WORNoqYZyfDvw4O9GJIi88LjuShsHsZ-oCiHcogN3tnfDkuf2ghYgAAOc7Yw-dkCLWydw_TbPFMKHtwnFCZWf5VDKaHx3kaZcnWt7Xx4O7ylaTzTIW32wiRT0ifxXeQBaWaZ6jnNdFjI_lfzPYk2nY0N2OYEtjHDXsI5_YnPw-KUZmeIZ3XOGlSLClKga1GoYXmFoXAYPlPDv4GOltYnfFE0UboOSjIfppmwKLURp3ebu_DhP0puf-n-_46b_m7W0Ntkv4tCwtl3N5_jWXhtdwBKMWu-fNXzP9ZFEUmdtckkHXL8PY-u6WTHtwVYfX6SXS0M69P0rfN9tYfe8dr24VDbi7KU2KvyWNmd685TsP90shMKmLJqBM8PjPIyieHRjYyE95LbiyPzm21aTOVF6V72Oj02CgtTBvspUyo_rktDimUNaK5wSmSjrmO4vbJuGMhkqGs9F4DbFlrwyjD-tz34zBL9XXLn8Uu2Jhz9az_dkH5ui_aOBSX_xwOX38McMuoGhOFkfr89c5LfszrOuTqeIIPOHL_pLYrhapi8GlKlE6RO_OKo371QNTndIiCzceLZBlDLRanfEaUXnfw0CvUnqi82XBuRwLM18VsePbJC5h46YbE6qKg6E59CSdFSEY3ds2QPWNRnBKyULFhwUH32G60L8zRwnB9_Dt7OPIPaXGqiLz9w2fsHU7KU5ym0yz3P7zBdtX3UYMwZ95hlWmNf6hS1imSx3KSY4ftpbNH_VO0oC0s4X5wvSDSufP_I-E_6aBGp-jRK6NwfNFMO8vIvgzF5wcQ5dHxsASwR6NZIL92AdRnIfNJ2J9Of7YN0-MRolqpI0tOSRJ0NSgJri3GwLrqzCF6V2jPwM4d8jDPj0PvIvdSYnnEtfHd1-vZiOsmhOrbYj4An4uPDlfbwFhRTspUPO7VosV_JInN09yFbLKpfzoHur4ym4YaDmGEGkaduicr1kMXCPvIMWR6eJiO9omSar5mkODXTK8rAYzkSaZw_4KIU3BI8PU3GHKiYj35fXwK3VxNR9KHA7f8pgS_KVE1Wr99Ixi6fKSGOrLzNK3Qn8MKiY9ERz6RR1hSc1DQ_1wZpKrkI-_5RuDZx7ugngfpWrQ0aMejLIusQ6ER7xIE_HoF9Lj-oMXKukbidI5A2MIT0yTPZunrxhefl6I-NEWYlZ8htdB-UAKco0bTW-rIXsNcgpTaUFpK5QRyUcSXg_xQkyZHxk-E32gZv_-dp9XlGLehe5feUmjXe12v6P7YxCRhtV5BA_gtcBeo82HDn3mLKvwwa7lb_rkGmYKspROl_60mz5s0jocY6CIo9cL_jCkolSbMOZIp6QvddCQn4O5umnJPuBs0SUbuRC0PpMWzOjTv3gMdajpMA138t0yMRWOVm-tq2bdcmq06kyX9zx4I4LEwCWVeNUWmdYAe4rZ4sWeKr9OYa-L1MD3SYHw1ElPhyuwFZ1k8mSrarQjvnIYCR4Qt9K5Th3gwJR0YQ0WsfbNE5lcCCBHx8wEWvheaIqmMDvHod3DKFcIUNPjnHsf1FiApVrp1CA_WicWsr-ltYn7sxJ80qyL67flxKyw3R-i685qceqt0kYAQccVBjklR5gVLWWv6jpxeCaYlWjdsRQpGtObLSffW9iOfNXEVXm5JLAeONlpoJ-rUTAGdDy2nA0Hyy67JuCbnuKYyUiE1TUh9gygWjDzNwJGb29-9pRIqpPG4HLEw5ocd1g-7QCvwdjKUAmJOXKkPeGfGc3gIYdVqPxrAXN4f5SeXTx8C8Hwd-Ef8eEGS5MHQAsrfC6Vn-R4AwCT2h9&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46787
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 1852 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIq3EuWexu9q6UZMx5ziVTlAUtVGlehyH_1gZewTEnfkmYrN6empk0esPyjdN8V-Qv2MCiAvYnSHICj3A33PP8Xt0491UgUJVBrtLVSi7RqaejNdE4TySMJTmzFKAj9JQM-fyChXB6Q6BBQwPPMaosbWVc9g&dbm_d=AKAmf-DLixRFM72wQjo5VKsxrKjk4zotkq2iTSyL04qvVW7SdkjUPFwe1ZpB72PUd3UhB5B_k_5BvXWmbksvz6zG1MsaUa7YvEb_vQMO56LMJ5JzVfpL9smSVkAyCLimhoOuNSUkli3Esowk56VVujcpp5Ai-bk_53zaK7dKIVsmBA5eBZeQZ3D01CPYcClg621wKDJ8gqwvgDupdLl-DGN64IX8PdNpXnpz0fgUHUtOJ9NNVPW-L3LB2JBbyOVjy9exH0FUsLSCqhv9JZ4bq2TeYsyd0Vm054BIC8fmDtpGn5v-9qis9XB3_5kQ9WamlgIpol18HiuITlvIm-qlvna0gEC7oyz5mSKZCZ-snc56BDDCCfzNwDnnhG1GQc5-itvIFJHqeEY1xD8Zjc6S-USUonDiNSUGtt2DLd1uXRXtqYkRz7YdJhmFJkG5btmhoKvzBQ-s3ia4UOBy6_znwaRE4GPB79nu7G6plWY7yPUc-slKPQS8CA1HPvFU_Rs7-HG9Ar-ERZ-PBtxrs63Ed3AeKR200Tn4DBJ06RCBsqWgueksQJwiTT70bkaJ-vYti2iORzdZkql7uJsXHDbh-1t0WR0HrA9djOdMGS6nfAESNSq_mUy4Q5QbLUlUm1hpnYPZYVYW7NVXw6H22kuC2kiT6cdPYod_MpLNQdSUm6WdD1nLmjtkQaHCFr7ZY0cnBRS9qPQpp2SmbYFpzJEdxh5ux7IkyN5Y77Z1EeIQ24lvo-NU6vBU_JJgHxd8mGaA_soK-L4CkxifnIyHIb1TwhZVm9d2_iljTsK9IxAFinrpVFfrR1gCUgbJsAZ2FoQh9PH6kS0oWwP1Vd61kkGOI7wH-i7nf3PLAUTNamkkZlRVqnBtDgc5sSTswDjxDUmfKAmUxXIhuRjbtYmGayKf9yhE-f5Cw1eXYJEVcY0BBh54pK5LPA9zva7BydlmAi7eL4MEUSp01DXd4h11ZvoZw6awHnSLkcYVJAXqraLnYSvLfAqoA8U7zJGOWpO5H_D3LoWPqru2wi2X6hZyqT32cavPwXKFh2LgUgWv3nHyhptR3S0_9s53E7oOgwZZlgwZJGzsOC7N3BjGWdY4j8n0-XaahuGEyCFryuPfKAvQGy1z36k1vR2EUbVejHgKi1Nqhhmq_lGYRSld3Jv19Dn5tA4Hhqq9OEunEU2ucEESZgxVccpnA4DIdE0HHJe94dJNzlaVs5vjjGgFnQ94rwk6ByEe-HPPPjHzdCUpI9RWyF-OT2ih9jHl9un4Y6bnlOXcr-oXx7MK3_gEP0C91S9RGw75wJGNL9o4rxcNmL0St1lOztVkiDLRKlK_ImHKJFRgiULgqWiJbcA7vgX3PtDxwhCoDugA5DAmWfWcAjcc6puG7WgZlK7660PqoT2HhzWov5RaHEnJdwsY1q5KmTdnj-LHrJb5i2T2D9atmOWt39mmW_V-UcewVR4BXZ6jj9eecd8mMALKb4BbXupFKuK0TctMIH3zGnq4MvUBxkRg_UIcVXn_-g83ngiJudHZ313VOs-MyVu1XKfj-ef7lcl29sAo98wJUzs6rcTQOgZzigg5ag_S6LQDq2HAtpUlGm3JDTXqHoOWs3wh-8HVgNiPjkkKfaA3Rxj5Wb94axatFi_UsybEiz0vREN6_-O1Z_VX2QY5sRboj37mya1QgLTadu-CGLAxtemmLz12W59RMAAnQuDJkIuIxUVUvC4OKbVe3e-z1AWQ6e4xYu4f7DruD7EEhuEZ8i8eIr3sM9UF5q-gGK00Xge0YJmBdsguLbxD_dJazLvOaeBJrZOYSLApkGM8F5mle_Tg9z9Dtf4QRh_QRuTzbJf2M7MvQg6IMUDiRfQIDbQg_kSU8vFVG1GEGIZQL3A2xdwgkZ9A8VruT2M6ph-5NmKnmTnNckZ7gfi7qrR409P97yap3SFlP9Np4mCDfSrisolzMW6zE996Km2yPXHe4HzNiwWkGWCSveqIm4inM1lkLpxa0BZD0ITGSb4wdUrbJ4TcyxjS2wcpjrfbKOeD1fHS9kdIFNMpzZ15PkTXr720E9SuDK642rAlIHzYt00e2Kawf92GlhSrXsQh0vQKWeV2GzQx_mcawRKgB9kbwH2LtCUxvUddR-x7Z1qwcYopRYttyieYgpLbLPgxubxY3qSLWIn6EcqaZ-MDGFrpIHoeup0wyTz4h0xYMcxSQRQ48GX5neK07Rw7aDcWVC_QT13dOJ7KNCDBUVBhgffRdc9S-3RY3RdS5w0vY39hMzq28kWn_oI7ACAOCdyLvoucHrHUNjgu-0EJp9wIV-4o6Dxhf8lqIxT0AWM8CPGMF44u7lzolqaCbmMN3ThH7IhN-oQ6rCuJpobOk-pcOY3WzneEd5FuJHzHpQcbnd1_O896xNZyG08G6H0S6NqAtmQWE-BKFg_q6mii1gOcDhBdzKYOqN5nV3ph695Tm_RjaogpNh8PUWJAeT5EQ58sKUpnBGzQXwcqHsL73Mvf9eOWO3PfG7D8d-GOmyvP8KnTkKhuOph7XboVodYihz0sF8HoGcsOWdcQXtNhybvHX4jy4SoDIYMm6e_Iy6UZrFbRP20O7WB8n74VV5mUwfDBdZvOMo__4y0a2ANonLzOE0mweI1irGJDu-FR8qFdYIsWY9F8-N7dXXMIslrjXsIh06nb9ZxOeeJdx_lC1adl4Fcf_MhHeRnW1ShO3-AoinytVVo4k1nqIlYlg-by2ZEozTfvppNGvN-AEcZYge7p25Z2URc6S4AhKijzsX-kz2Rl-AEPHx6NcPVDzxsnJYF1uDb4EDqF_nRdx8qYXgLhZJn678qJfmyF1zJH1lF3PZ09hMS6sLZ4WU8XaqmqoX5WVgNLWAD56Sgt6NcS_OKi7x-3lCYD9SDOxNLfLnDNBZZTxS407YaLdi2_nMkGk-1S68Byl-wMFjFIrxbHRuroyVwK8Vwxi4rxwsh-is9ve8bHNZl_qzZWxIA30pBPAHdY2tzpB2Md21MMV-czlpR2nmR7YkWqCJjRlQiB1MayG3aeU-l7dBMfVrU4cvvPICQFEKcUf-u9FC81q932uB9aJLyw2W5WC9RZLfvTgUZfcv1k1C5lfo1eHdiNvzwbzQV5JCZH_Yb2B7kchmz-8rFyCIZahib2brnN7IFAEDP33RCOCybLdX8DB2p3WRKx1ws0vGx3qLqTgCLEhHhEFRZhpAw6BLjleCnATxiIVaQysOlkIpNBf8xnifQ3SQoyI8wP2gz2DYCHLhuEZmLwFIeMqC1HgnOowv44eGDOY00_nW0c5xH0LCtuWL5d6NUs-5ghqG5S6XlDHVImt0G2MG4eAnHLsglodsdhBl1crPL_IOAKR-MiDWjAmjQhKAPDsxP8o6B7ha-PH0mFazkw11XvrkMKBMFFy52dSuJVQ3meRnuFNO7j6UJfJMbXDOiR-KvxdHQbp0699h5PjKQh4rT4NAt1RAua_2DW&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:50:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1852 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIq3EuWexu9q6UZMx5ziVTlAUtVGlehyH_1gZewTEnfkmYrN6empk0esPyjdN8V-Qv2MCiAvYnSHICj3A33PP8Xt0491UgUJVBrtLVSi7RqaejNdE4TySMJTmzFKAj9JQM-fyChXB6Q6BBQwPPMaosbWVc9g&dbm_d=AKAmf-DLixRFM72wQjo5VKsxrKjk4zotkq2iTSyL04qvVW7SdkjUPFwe1ZpB72PUd3UhB5B_k_5BvXWmbksvz6zG1MsaUa7YvEb_vQMO56LMJ5JzVfpL9smSVkAyCLimhoOuNSUkli3Esowk56VVujcpp5Ai-bk_53zaK7dKIVsmBA5eBZeQZ3D01CPYcClg621wKDJ8gqwvgDupdLl-DGN64IX8PdNpXnpz0fgUHUtOJ9NNVPW-L3LB2JBbyOVjy9exH0FUsLSCqhv9JZ4bq2TeYsyd0Vm054BIC8fmDtpGn5v-9qis9XB3_5kQ9WamlgIpol18HiuITlvIm-qlvna0gEC7oyz5mSKZCZ-snc56BDDCCfzNwDnnhG1GQc5-itvIFJHqeEY1xD8Zjc6S-USUonDiNSUGtt2DLd1uXRXtqYkRz7YdJhmFJkG5btmhoKvzBQ-s3ia4UOBy6_znwaRE4GPB79nu7G6plWY7yPUc-slKPQS8CA1HPvFU_Rs7-HG9Ar-ERZ-PBtxrs63Ed3AeKR200Tn4DBJ06RCBsqWgueksQJwiTT70bkaJ-vYti2iORzdZkql7uJsXHDbh-1t0WR0HrA9djOdMGS6nfAESNSq_mUy4Q5QbLUlUm1hpnYPZYVYW7NVXw6H22kuC2kiT6cdPYod_MpLNQdSUm6WdD1nLmjtkQaHCFr7ZY0cnBRS9qPQpp2SmbYFpzJEdxh5ux7IkyN5Y77Z1EeIQ24lvo-NU6vBU_JJgHxd8mGaA_soK-L4CkxifnIyHIb1TwhZVm9d2_iljTsK9IxAFinrpVFfrR1gCUgbJsAZ2FoQh9PH6kS0oWwP1Vd61kkGOI7wH-i7nf3PLAUTNamkkZlRVqnBtDgc5sSTswDjxDUmfKAmUxXIhuRjbtYmGayKf9yhE-f5Cw1eXYJEVcY0BBh54pK5LPA9zva7BydlmAi7eL4MEUSp01DXd4h11ZvoZw6awHnSLkcYVJAXqraLnYSvLfAqoA8U7zJGOWpO5H_D3LoWPqru2wi2X6hZyqT32cavPwXKFh2LgUgWv3nHyhptR3S0_9s53E7oOgwZZlgwZJGzsOC7N3BjGWdY4j8n0-XaahuGEyCFryuPfKAvQGy1z36k1vR2EUbVejHgKi1Nqhhmq_lGYRSld3Jv19Dn5tA4Hhqq9OEunEU2ucEESZgxVccpnA4DIdE0HHJe94dJNzlaVs5vjjGgFnQ94rwk6ByEe-HPPPjHzdCUpI9RWyF-OT2ih9jHl9un4Y6bnlOXcr-oXx7MK3_gEP0C91S9RGw75wJGNL9o4rxcNmL0St1lOztVkiDLRKlK_ImHKJFRgiULgqWiJbcA7vgX3PtDxwhCoDugA5DAmWfWcAjcc6puG7WgZlK7660PqoT2HhzWov5RaHEnJdwsY1q5KmTdnj-LHrJb5i2T2D9atmOWt39mmW_V-UcewVR4BXZ6jj9eecd8mMALKb4BbXupFKuK0TctMIH3zGnq4MvUBxkRg_UIcVXn_-g83ngiJudHZ313VOs-MyVu1XKfj-ef7lcl29sAo98wJUzs6rcTQOgZzigg5ag_S6LQDq2HAtpUlGm3JDTXqHoOWs3wh-8HVgNiPjkkKfaA3Rxj5Wb94axatFi_UsybEiz0vREN6_-O1Z_VX2QY5sRboj37mya1QgLTadu-CGLAxtemmLz12W59RMAAnQuDJkIuIxUVUvC4OKbVe3e-z1AWQ6e4xYu4f7DruD7EEhuEZ8i8eIr3sM9UF5q-gGK00Xge0YJmBdsguLbxD_dJazLvOaeBJrZOYSLApkGM8F5mle_Tg9z9Dtf4QRh_QRuTzbJf2M7MvQg6IMUDiRfQIDbQg_kSU8vFVG1GEGIZQL3A2xdwgkZ9A8VruT2M6ph-5NmKnmTnNckZ7gfi7qrR409P97yap3SFlP9Np4mCDfSrisolzMW6zE996Km2yPXHe4HzNiwWkGWCSveqIm4inM1lkLpxa0BZD0ITGSb4wdUrbJ4TcyxjS2wcpjrfbKOeD1fHS9kdIFNMpzZ15PkTXr720E9SuDK642rAlIHzYt00e2Kawf92GlhSrXsQh0vQKWeV2GzQx_mcawRKgB9kbwH2LtCUxvUddR-x7Z1qwcYopRYttyieYgpLbLPgxubxY3qSLWIn6EcqaZ-MDGFrpIHoeup0wyTz4h0xYMcxSQRQ48GX5neK07Rw7aDcWVC_QT13dOJ7KNCDBUVBhgffRdc9S-3RY3RdS5w0vY39hMzq28kWn_oI7ACAOCdyLvoucHrHUNjgu-0EJp9wIV-4o6Dxhf8lqIxT0AWM8CPGMF44u7lzolqaCbmMN3ThH7IhN-oQ6rCuJpobOk-pcOY3WzneEd5FuJHzHpQcbnd1_O896xNZyG08G6H0S6NqAtmQWE-BKFg_q6mii1gOcDhBdzKYOqN5nV3ph695Tm_RjaogpNh8PUWJAeT5EQ58sKUpnBGzQXwcqHsL73Mvf9eOWO3PfG7D8d-GOmyvP8KnTkKhuOph7XboVodYihz0sF8HoGcsOWdcQXtNhybvHX4jy4SoDIYMm6e_Iy6UZrFbRP20O7WB8n74VV5mUwfDBdZvOMo__4y0a2ANonLzOE0mweI1irGJDu-FR8qFdYIsWY9F8-N7dXXMIslrjXsIh06nb9ZxOeeJdx_lC1adl4Fcf_MhHeRnW1ShO3-AoinytVVo4k1nqIlYlg-by2ZEozTfvppNGvN-AEcZYge7p25Z2URc6S4AhKijzsX-kz2Rl-AEPHx6NcPVDzxsnJYF1uDb4EDqF_nRdx8qYXgLhZJn678qJfmyF1zJH1lF3PZ09hMS6sLZ4WU8XaqmqoX5WVgNLWAD56Sgt6NcS_OKi7x-3lCYD9SDOxNLfLnDNBZZTxS407YaLdi2_nMkGk-1S68Byl-wMFjFIrxbHRuroyVwK8Vwxi4rxwsh-is9ve8bHNZl_qzZWxIA30pBPAHdY2tzpB2Md21MMV-czlpR2nmR7YkWqCJjRlQiB1MayG3aeU-l7dBMfVrU4cvvPICQFEKcUf-u9FC81q932uB9aJLyw2W5WC9RZLfvTgUZfcv1k1C5lfo1eHdiNvzwbzQV5JCZH_Yb2B7kchmz-8rFyCIZahib2brnN7IFAEDP33RCOCybLdX8DB2p3WRKx1ws0vGx3qLqTgCLEhHhEFRZhpAw6BLjleCnATxiIVaQysOlkIpNBf8xnifQ3SQoyI8wP2gz2DYCHLhuEZmLwFIeMqC1HgnOowv44eGDOY00_nW0c5xH0LCtuWL5d6NUs-5ghqG5S6XlDHVImt0G2MG4eAnHLsglodsdhBl1crPL_IOAKR-MiDWjAmjQhKAPDsxP8o6B7ha-PH0mFazkw11XvrkMKBMFFy52dSuJVQ3meRnuFNO7j6UJfJMbXDOiR-KvxdHQbp0699h5PjKQh4rT4NAt1RAua_2DW&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46787
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 0995 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 12:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6278
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jun 2021 12:16:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/ Frame 0995 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzwdp6qB_sIXH3zsBakupVQbSKKzjPAd1NEB9XIV2buGvKUXaECBZ-mxoLRZB6rUssqlFDDJvd4_X97kixHc5jVnqgUwKdTZzzaQDMR_jDAP9lWmhXKgG7HDlGM0YQtq3UKmB7LzbQSNkgDZequzbv7JNSzw&dbm_d=AKAmf-CKrnmuzZ7cDtRxeohFrGTdgNDbUzEli0RjZlw7gIM9pVTsFiXWyTqi8K-Tlokqy6LTNd5clnQAzqcZCIMU6BwQ6LSUKRfW3V1ob5QD-o-Ee8Mio7mF9zvkD_Tn1fiByq5NduyicfMHdnoN3ofaytIri9rafSAeDnFO_HKkdXyJKBC2FCasw5dwIU5mQa-HmbaRXerR6CuSDE0vzfRvSQ2KyOprBPDKHXyAbyo9T3ZlD2rZhxZ6My_iTGXxGz9bXw1mmvAhfesRdJp3Gdlhc7rmwKRxxueWhZjb8w3RXnETfgAfsaDCQtycS4bGreP3lYNyKZ9fzafmk3LtN_VzRmVlNSUUstU3v801fR42r9Vxlr3-3fYQeALIZgdGIH8N60RpL0a1NFQlzbtaQGvbTwy8oTT1s13RpOtaebLgHnsooRaoS30Cne5lGFZt7SOXFijoycT40tjoaLgRFhI_7NibTT-mClyhP1tWaxb6uefR-gVqXy9KZQkGj1JzQkR-5VllxLq4NZBTOY3RHMVTukXM68NDC1AVr51toQicZQvB-MbF_l3spP9XOgmXUDSWq5fw0YFyQcltPSyEvAm79-oIFosU2dqconJtaNoTw-QdcSJmshc51ASrvsHWs5hsMFtSta8-21Qi5HRVkmWCSDwzXy2t9aNiQzrza98vHTdCDwWsjeKdNLwIpiCoOsmSkuNLnJsqur-hRzvs_iROzoNF_bs1rX-_OxtXGi7PhuKXVzhrD5tQyZcUr9Z5FzuFPrvsPioKdpzjUWpADtYu4E4jX7xWtD593_Ow1b69t82LGU4B4XHZpuTw4e9SRYD-F_l0fPKiXJhZhhKf1OilYA2qC2kqPeI4iGcx5A1YEvcL-d8WrXgHubtXajbOZEuZK9Tyk0plNzAgqOjE3RYZnytZPiWt4ceGaCTZLGaQ21O1z4IwfCbRVqVt21VWRlyk9bSUt_zMstTrvZe43SSBVR56wUUtOVGc96rlqtSZwmWOHcMdfP52jW1EaGB8IvLjiAmPrRe03U2wnVBDN1rbP02Uv51N1YByfq9FdTBybNJyduqFiMW5LpeX85-r9bTOxzJeVw87MDmQl8n1BUft9vAdy4rjn9IUmftnXGsBsX0TmncOM_IAvncT3zsLhNYbs7QhFc0ujqhWDlZCKeEIJExVNPcX2ixffc-H_pDoJReaco-0JxTjmsfmc3wv4vcO4d_gydQrfr4zeFAtYhTMwCHjI-E49Ih6dEvYuJK5O_XPPBwPnT0iOaCSQUT-WuRifAPrp9-3eLqPM_M6CSuYTfziQyrVGw6NbZhJRSqQutD5Z6Pw_qCky8jO1IQNFyOxaMJmEDuXzJNX-DHpn5lAPdvlhuDOOVIXnJ2giQLhPT-IhbIgTUgrJmSVT-P6j8I95vqv6UxBfemAKizHsxFdJqgQQDJWf_pR5RBoFEIhbqdn_R1HIIBufVq6IU4983haTJSBAW30EefkOC7p7QEnYqyZGLNm6kw2fwg2zupj87cvyYC22XP7kGLqZtxdQd5NgkQIVYFwMdnicykBVKZLyCkgGLui8VYChZeX85anXg0yhsEnPhiqJ6AdHnVSKMi1Tx_kiZgGM6P1C84Po-9AWrvNfP0wwW0MHpwAbw_KLebY78WzLNbtjEiUIdWWg2XjETZj_vOjRYvad6yYCLaLDCs79awBAcSVOjmpgSPcPNWQPz2Jv2wnv7Xh8Tr0ksoMPu_huYpfH-lvZuNEewF_KJ1gACIr_r0IXpbhmrE36vhOZlsHY3dUtlrUoGaVIknaiGIR7a3T2LZLNNDJQghnWXYlTQaE5Jfr1DpWXXHLs1gA5KC9gouKFJDHD6nPHJ8iXkzihMteyJNTsj5OlvQ40ZJ0fhGBmLC-kQEZr_J5XprQXs-NSMvFokTaFp8HF-7ZYFabaYFJBo7IJjz55qQ_USOARo5lYEYrNTvMR8yfyNZWfK2fcUJKz0bDdnC061EuufgUHCySy8XPiglU_Vwl2dKR1Qs-XCExHsZO4ZgGqXGaAhBi1A4QxSwiC15oBFg-opoMbj1_hYVD7BdjzWAFgmTMLbJMtyGA_d3fWYIdiCKdmP6Vf5TL0RJRoD_jnaysoJxfiSaHZmPJu_nfZiIlONQHfXEjsFmogdwI91Wput46WI9CMHpYJn5P6w4i5SNm3BN5ZHa6qHvJi4HXHWJATbHhxOmcKOD4ikHgZL5flwKaunanmTWLgZ_qOtLmKeizZY0KgHcYgDpjpb4H1e7yfX6ZSRRta89PKMyiQ7S54iAUjkCUM9kQ_selzq_DgRsiT4rv4yRzI-oJkHbTy_Apae7hxHR5pu8Spk9lqkhSR52jz0UGvqHJoWc5uPNJlNuncwC9hfuFlnS3IQOBZa2USYuGfOJ_e1tSVajp7f7bRlxS0a_nc0cCEZPiQipwVn5fBBUKSxYuZ0RxoerrhZhECa43AF6DsuVWtg9f95UYK05oYu_4PV8PRVvL9lr1PdR6hr6ux-DWNScwqKo_SGuB2WIS98CSySdTzlgCL8BwjCmWLO-ppT-BHap1UpXob3YemKLCDLx01FCd5ogE2eEmBVCRyv8BjFmnyw5F7E206G11CaZGJ6LCy3ZUEfAgUX5nDffHf2MHk_YuLozTGDlsdIh1Mpu3oEer9ir5ngz6S6KXjx_pXYC1afAVMqHJqyzELNJr0Wujg4a-ngmfEW2g5R7X5-vWPBXKJ6boy26iDWWbgSzXSKuu5BDOg7TZtwDrKd6DIXyqFaLSjsH8V4haAtd3MowciO9eUyGJicRFlwZgHqkBMqJ6o4zDncbp330H-HPEyrlDqh3WC9oGD7I51-2uRyzRESqsAnA7-s7XoMrzT5GWNUVTnrkYUCy06OKB4q4C7RrSOjyyIaL55npfthDUyEF8jxvC5XH32x32CGsldeucX3xfxLQeD_xHtZK2Dk-8m3G4OCAPaud0H7v_ePClMfJZwIkGw6V-XFvV2KdETBJEQ3f61oGdA17PG_D1uPbTEHW0sUgnWJTlDtqRbQ1JE_zA6siNkUyN3SzvH1P-AJgQAxOZwfvtC78COAXQkvsDB0vYjQlQyzJWf0FSL4KRku5YPYdRwXOBc7epiExceH8lIwc&cid=CAASPeRobtqLJMlBv2M9-6Y6e19wl1mIm9_r39wWVryA-uVGUUWRuzGf1H4ritzPXj_UpnyzKfFVHwULzb2cLIA&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:56:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 0995 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dzwdp6qB_sIXH3zsBakupVQbSKKzjPAd1NEB9XIV2buGvKUXaECBZ-mxoLRZB6rUssqlFDDJvd4_X97kixHc5jVnqgUwKdTZzzaQDMR_jDAP9lWmhXKgG7HDlGM0YQtq3UKmB7LzbQSNkgDZequzbv7JNSzw&dbm_d=AKAmf-CKrnmuzZ7cDtRxeohFrGTdgNDbUzEli0RjZlw7gIM9pVTsFiXWyTqi8K-Tlokqy6LTNd5clnQAzqcZCIMU6BwQ6LSUKRfW3V1ob5QD-o-Ee8Mio7mF9zvkD_Tn1fiByq5NduyicfMHdnoN3ofaytIri9rafSAeDnFO_HKkdXyJKBC2FCasw5dwIU5mQa-HmbaRXerR6CuSDE0vzfRvSQ2KyOprBPDKHXyAbyo9T3ZlD2rZhxZ6My_iTGXxGz9bXw1mmvAhfesRdJp3Gdlhc7rmwKRxxueWhZjb8w3RXnETfgAfsaDCQtycS4bGreP3lYNyKZ9fzafmk3LtN_VzRmVlNSUUstU3v801fR42r9Vxlr3-3fYQeALIZgdGIH8N60RpL0a1NFQlzbtaQGvbTwy8oTT1s13RpOtaebLgHnsooRaoS30Cne5lGFZt7SOXFijoycT40tjoaLgRFhI_7NibTT-mClyhP1tWaxb6uefR-gVqXy9KZQkGj1JzQkR-5VllxLq4NZBTOY3RHMVTukXM68NDC1AVr51toQicZQvB-MbF_l3spP9XOgmXUDSWq5fw0YFyQcltPSyEvAm79-oIFosU2dqconJtaNoTw-QdcSJmshc51ASrvsHWs5hsMFtSta8-21Qi5HRVkmWCSDwzXy2t9aNiQzrza98vHTdCDwWsjeKdNLwIpiCoOsmSkuNLnJsqur-hRzvs_iROzoNF_bs1rX-_OxtXGi7PhuKXVzhrD5tQyZcUr9Z5FzuFPrvsPioKdpzjUWpADtYu4E4jX7xWtD593_Ow1b69t82LGU4B4XHZpuTw4e9SRYD-F_l0fPKiXJhZhhKf1OilYA2qC2kqPeI4iGcx5A1YEvcL-d8WrXgHubtXajbOZEuZK9Tyk0plNzAgqOjE3RYZnytZPiWt4ceGaCTZLGaQ21O1z4IwfCbRVqVt21VWRlyk9bSUt_zMstTrvZe43SSBVR56wUUtOVGc96rlqtSZwmWOHcMdfP52jW1EaGB8IvLjiAmPrRe03U2wnVBDN1rbP02Uv51N1YByfq9FdTBybNJyduqFiMW5LpeX85-r9bTOxzJeVw87MDmQl8n1BUft9vAdy4rjn9IUmftnXGsBsX0TmncOM_IAvncT3zsLhNYbs7QhFc0ujqhWDlZCKeEIJExVNPcX2ixffc-H_pDoJReaco-0JxTjmsfmc3wv4vcO4d_gydQrfr4zeFAtYhTMwCHjI-E49Ih6dEvYuJK5O_XPPBwPnT0iOaCSQUT-WuRifAPrp9-3eLqPM_M6CSuYTfziQyrVGw6NbZhJRSqQutD5Z6Pw_qCky8jO1IQNFyOxaMJmEDuXzJNX-DHpn5lAPdvlhuDOOVIXnJ2giQLhPT-IhbIgTUgrJmSVT-P6j8I95vqv6UxBfemAKizHsxFdJqgQQDJWf_pR5RBoFEIhbqdn_R1HIIBufVq6IU4983haTJSBAW30EefkOC7p7QEnYqyZGLNm6kw2fwg2zupj87cvyYC22XP7kGLqZtxdQd5NgkQIVYFwMdnicykBVKZLyCkgGLui8VYChZeX85anXg0yhsEnPhiqJ6AdHnVSKMi1Tx_kiZgGM6P1C84Po-9AWrvNfP0wwW0MHpwAbw_KLebY78WzLNbtjEiUIdWWg2XjETZj_vOjRYvad6yYCLaLDCs79awBAcSVOjmpgSPcPNWQPz2Jv2wnv7Xh8Tr0ksoMPu_huYpfH-lvZuNEewF_KJ1gACIr_r0IXpbhmrE36vhOZlsHY3dUtlrUoGaVIknaiGIR7a3T2LZLNNDJQghnWXYlTQaE5Jfr1DpWXXHLs1gA5KC9gouKFJDHD6nPHJ8iXkzihMteyJNTsj5OlvQ40ZJ0fhGBmLC-kQEZr_J5XprQXs-NSMvFokTaFp8HF-7ZYFabaYFJBo7IJjz55qQ_USOARo5lYEYrNTvMR8yfyNZWfK2fcUJKz0bDdnC061EuufgUHCySy8XPiglU_Vwl2dKR1Qs-XCExHsZO4ZgGqXGaAhBi1A4QxSwiC15oBFg-opoMbj1_hYVD7BdjzWAFgmTMLbJMtyGA_d3fWYIdiCKdmP6Vf5TL0RJRoD_jnaysoJxfiSaHZmPJu_nfZiIlONQHfXEjsFmogdwI91Wput46WI9CMHpYJn5P6w4i5SNm3BN5ZHa6qHvJi4HXHWJATbHhxOmcKOD4ikHgZL5flwKaunanmTWLgZ_qOtLmKeizZY0KgHcYgDpjpb4H1e7yfX6ZSRRta89PKMyiQ7S54iAUjkCUM9kQ_selzq_DgRsiT4rv4yRzI-oJkHbTy_Apae7hxHR5pu8Spk9lqkhSR52jz0UGvqHJoWc5uPNJlNuncwC9hfuFlnS3IQOBZa2USYuGfOJ_e1tSVajp7f7bRlxS0a_nc0cCEZPiQipwVn5fBBUKSxYuZ0RxoerrhZhECa43AF6DsuVWtg9f95UYK05oYu_4PV8PRVvL9lr1PdR6hr6ux-DWNScwqKo_SGuB2WIS98CSySdTzlgCL8BwjCmWLO-ppT-BHap1UpXob3YemKLCDLx01FCd5ogE2eEmBVCRyv8BjFmnyw5F7E206G11CaZGJ6LCy3ZUEfAgUX5nDffHf2MHk_YuLozTGDlsdIh1Mpu3oEer9ir5ngz6S6KXjx_pXYC1afAVMqHJqyzELNJr0Wujg4a-ngmfEW2g5R7X5-vWPBXKJ6boy26iDWWbgSzXSKuu5BDOg7TZtwDrKd6DIXyqFaLSjsH8V4haAtd3MowciO9eUyGJicRFlwZgHqkBMqJ6o4zDncbp330H-HPEyrlDqh3WC9oGD7I51-2uRyzRESqsAnA7-s7XoMrzT5GWNUVTnrkYUCy06OKB4q4C7RrSOjyyIaL55npfthDUyEF8jxvC5XH32x32CGsldeucX3xfxLQeD_xHtZK2Dk-8m3G4OCAPaud0H7v_ePClMfJZwIkGw6V-XFvV2KdETBJEQ3f61oGdA17PG_D1uPbTEHW0sUgnWJTlDtqRbQ1JE_zA6siNkUyN3SzvH1P-AJgQAxOZwfvtC78COAXQkvsDB0vYjQlQyzJWf0FSL4KRku5YPYdRwXOBc7epiExceH8lIwc&cid=CAASPeRobtqLJMlBv2M9-6Y6e19wl1mIm9_r39wWVryA-uVGUUWRuzGf1H4ritzPXj_UpnyzKfFVHwULzb2cLIA&rfl=1%2Chttps%253A%252F%252Fengel-orakel.de%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Jun 2021 13:50:32 GMT
pixel
cm.g.doubleclick.net/ Frame 15FB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNVDyuoSWXkiuFMIriH4f0ugi4Rqnx7ft-UyRpRcQfkeu4I6shrruk4OGH-JmaQegw25fAOE6sqAQsZ32rkFU-CFAMcCsQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 15FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNVDyuoSWXkiuFMIriH4f0ugi4Rqnx7ft-UyRpRcQfkeu4I6shrruk4OGH-JmaQegw25fAOE6sqAQsZ32rkFU-CFAMcCsQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 15FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNVDyuoSWXkiuFMIriH4f0ugi4Rqnx7ft-UyRpRcQfkeu4I6shrruk4OGH-JmaQegw25fAOE6sqAQsZ32rkFU-CFAMcCsQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8472 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNX2aQzYMqPAC9QgkDQnBhD4wQyTrwSsfIXJSbeFCjoDlWgTTP287b19rY0MfZ3FR--yIqehslaNKjtRA45lvI-nM3KWGA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8472
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNX2aQzYMqPAC9QgkDQnBhD4wQyTrwSsfIXJSbeFCjoDlWgTTP287b19rY0MfZ3FR--yIqehslaNKjtRA45lvI-nM3KWGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8472
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLePEHgmWv9DBNa9hCrAWgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQnKKcAhj-_t2cATAB&v=APEucNX2aQzYMqPAC9QgkDQnBhD4wQyTrwSsfIXJSbeFCjoDlWgTTP287b19rY0MfZ3FR--yIqehslaNKjtRA45lvI-nM3KWGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHBPuWvjCzqPOeSBF_TNzzo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0A3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIlmYDUqCjLYjRSqFcekq2Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIlmYDUqCjLYjRSqFcekq2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid
f0cd6f03-e6f1-4b4d-9ac5-9eaaa681660b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIlmYDUqCjLYjRSqFcekq2Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4OTMyMTE5ODczNzcwMzQ0Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4OTMyMTE5ODczNzcwMzQ0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid
67870806-8877-4b9e-b5f5-35213c5e9e7c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA4OTMyMTE5ODczNzcwMzQ0Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0A3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHguN_r4U5qtG_LfhGXZ3Bo&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHguN_r4U5qtG_LfhGXZ3Bo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHguN_r4U5qtG_LfhGXZ3Bo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A3B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDAwYjVmOGUtNzcyMC02MDgzLTQ1YjctMjc1MTk5YTRhZWE1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDAwYjVmOGUtNzcyMC02MDgzLTQ1YjctMjc1MTk5YTRhZWE1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuGhAIQ8fOTAhijlMFiMAE&v=APEucNUqRjOfLbsykZmKLHk2y3QkaBvFT75ZY4uUpZhH_JbLYJ49etP_K80oMc6ldj7ZmHw_OUlNUAociJ3mJpessFbDlfoYag
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDAwYjVmOGUtNzcyMC02MDgzLTQ1YjctMjc1MTk5YTRhZWE1
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1297 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
104570
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 645B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30502
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 05:32:26 GMT
file.mp4
r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 645B
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r3---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,i...
  • https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/53EC7ADD6075757FCCE74AB4C32EB4B2BF64D8FD.6ECA386E747995EC41D33DD4F07E4E39875B5FC6/key/cms1/cms_redirect/yes/mh/1x/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1622641947/mv/m/mvi/3/pl/50/ir/1/rr/12/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:6e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:48 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2220965
Last-Modified
Thu, 06 May 2021 13:06:15 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 02 Jun 2021 14:00:48 GMT

Redirect headers

Date
Wed, 02 Jun 2021 14:00:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Location
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/53EC7ADD6075757FCCE74AB4C32EB4B2BF64D8FD.6ECA386E747995EC41D33DD4F07E4E39875B5FC6/key/cms1/cms_redirect/yes/mh/1x/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1622641947/mv/m/mvi/3/pl/50/ir/1/rr/12/file/file.mp4
Vary
Origin
Content-Type
text/html
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
null
Content-Length
0
Expires
Wed, 02 Jun 2021 14:00:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9A56 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
104570
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7732 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
104570
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7CBC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbd56ec8164b46ded97186620c921b7508cf097987a124b26a04c747f9c43950

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
r62eglto.js
ad4m.at/ Frame 7CBC 		36 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb101fbfb40f627db5860971a51fd80a9384f0630af3db4eefd351ef04d2c35

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=U/Ax7w==, md5=xOpZ1cY5A1Y5taJ1VeQlsg==
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74968
x-guploader-uploadid
ABg5-UyJ_H9nQC34LamJpDHH9NslyUGgt2HnpLy1C0xOavSHXN7zyRoned3kjTrQ0bqTQNn9WKIYCJM2Qp8c_zdjmPWl_ashQA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6e9fef6c00004a8091913000000001
last-modified
Thu, 06 May 2021 17:10:38 GMT
server
cloudflare
etag
W/"c4ea59d5c639035639b5a27555e425b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FuAHFwjVwQQRdlDZ8%2B7hzAZndf4KcfYw9bQnNVqY%2B7LL%2BIKODB4iywtmtbwUPGtmZWNKMn3yymDpaOJcYShqLNkcUlxhJgfaVgUh5%2FK10Tq6Z1l95GLJO7ZjANBakogS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321038772018
content-type
application/javascript; charset=utf-8
expires
Tue, 01 Jun 2021 17:11:20 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12030
cf-ray
659135c57ac74a80-FRA
cf-bgj
minify
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3C38 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
104570
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C0E3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24e912049f9de52b5849b71de97b610c3e9af3e74a5c13c2f5d9fbadacb7d8cf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
r62eglto.js
ad4m.at/ Frame C0E3 		36 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb101fbfb40f627db5860971a51fd80a9384f0630af3db4eefd351ef04d2c35

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=U/Ax7w==, md5=xOpZ1cY5A1Y5taJ1VeQlsg==
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74968
x-guploader-uploadid
ABg5-UyJ_H9nQC34LamJpDHH9NslyUGgt2HnpLy1C0xOavSHXN7zyRoned3kjTrQ0bqTQNn9WKIYCJM2Qp8c_zdjmPWl_ashQA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6e9fef8300004a80c4a90000000001
last-modified
Thu, 06 May 2021 17:10:38 GMT
server
cloudflare
etag
W/"c4ea59d5c639035639b5a27555e425b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KfkUqwghgHxVFnBnMJEPP8X%2B5UPNtOqgYPyzU9r%2F4x1R8hXaR4Hd%2FRHJg8P868lhttdA1i758MoJFXzINmeQXB%2BO0MKTu1gWiylDbUyTtGFVszeDQSGLu4kh%2FXxt0Yc7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321038772018
content-type
application/javascript; charset=utf-8
expires
Tue, 01 Jun 2021 17:11:20 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12030
cf-ray
659135c59b274a80-FRA
cf-bgj
minify
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame CBC7 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/adfscript/?bn=43776674;kv_key1=46068091;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C1fPGD4-3YM37DcHX3wP5yonACNydmotjs_j0-7MN8C4QASCXwNofYPWVzoHgBKABvain3QLIAQmpAomacF2PerQ-qAMBqgTOAU_QHFJxEToIp5P4M_dSzVtqVWPzrG0XEQz6DtBBbWdhKvqBjQFLzFNuvUwfYHAw-X0q6mQ_FWthGx0sgwomc79O_W1Kmo9wx6KVx-p_Dvrg4VQUwi4kFi0mokzViQj_rewUswSPpWRybSw3r-FtqlfhrUPUPXIPtcsCcvf_KBnRjDH8TNuQTt2AZjw8ZDAisFewUB4FKlaCnqprJntY9hwWpuezomBugOGBezcWkOPKk0FAO410vQlztpNVKbIvHbSf2eIvT_aUrEbIv1_4wASS-IvttgPgBAOQBgGgBk2AB6vX2KIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBOXs8sL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&sig=AOD64_0CVXRCo095ywyIAE2K7a78hy2y1Q&client=ca-pub-1274416353693598&dbm_c=AKAmf-B3tA3JcdV5mCTTjmoKEacbgHpafLMjMYQlSiHE1DXSBSG9kAIKuEgrYWopKAKZPz4F34m3vVjchc5IR-At9A5xNPioDk-CEQLZmidHKYCTwDam8RxYqD78JwQS7phfaAqF8gjQqZ-ekSnO6xnjdtGTbaX98A&dbm_d=AKAmf-BTD6jJO6pqRTu3Bgrb4ZUXa1j9yumEDz8zYjroDaViRnZjMCTorDVx5ZIUE3z1ELl9e66abSdxRoWxL_q7UZ3Svoh8WxmOTC5PEn8Zjok8KIny8Wa0BHGux8r65_NEO37FsxAVJH79_4AUnG5M0-kdk6w8xu-kTs8Q_2pftnzJh2DrVC68Mq8ZQtSTcfYbvB5qHNRgwel0JBX6cRElJ7jPrxpultNAhE4p-fgvhKPBjBlBM9WH9nNrq5_D27OdZEfV6TZVO7jC6xsfHCiPJju_fg1S37hOoxGWC4LNXgkq2z-ni3QPIr8Q9AnkIVPkoyh3TP_EA8CYfK11xjv8w8mifZA1bVWqSDUNQCestOKcdM2wA-iC58K0yv3dFIesHc7rizCEZrrJHVHO7spLBZv986ODM4nUkSNJe8cSOtrk-ZerfB8bROjqH1SJHguYnQhn6AxC&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 03 Jun 2021 17:28:56 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 1852 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/adfscript/?bn=43776674;kv_key1=46068091;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CWihED4-3YMz7DcHX3wP5yonACNydmotjs_j0-7MN8C4QASCXwNofYPWVzoHgBKABvain3QLIAQmpAomacF2PerQ-qAMBqgTLAU_QYj6iEPmH7xU3CVib6Ri8xMuW5A6bnrat-QU2uZtMdnC7XtuBFjABHLM_P_uUJm0d9Zb1vVp9E7nAAwxLx3kW87xbnORtqCrt8OVjUypM2g02sNKvIpMlHnJWOlxeeu01DzidzIM-xDJN2F5ulJYVam4T57ED8Y7h0WMerKrwnL5Try1yxzyhroVnCdSCCIudQ18tp-DMDhPbPS4AVAW9ylSJdUXxu1sU8vrgMiT2_mOEgOC4H2cMmc33_UUKDJLI8Rqk7pe-M-d1wASS-IvttgPgBAOQBgGgBk2AB6vX2KIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBOXs8sL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&sig=AOD64_0MrLOY1rq1lSvBxNgm4v_EagOwJg&client=ca-pub-1274416353693598&dbm_c=AKAmf-DAZC-7WLLQ6Qyxnz65AjQQKEDap4L5rwitDZp6EHQnZ1WBEoobVycxc6AGPuc53VX2wEo6ubIldOHDyBWN5JW_rCUSguQ8VPx44hyjkJDKcBFLCABiXcjtmVwDdx4O4UosRTTreJtGit8H6t9naKYvDbQdWw&dbm_d=AKAmf-CCSd3IELHbnNRiWHO8XTXHmIFZ6mfIjj8H-ixbv_UUAaWdzXhXOCHFjTWV82JfmHUuk58cwXNqAVoIA4-uxOcCWqAd304k5TjR3L1LPNLwLSJ3-PNqgqm4DYxNSwBNnH2flMaNUT6eyommCe44kGqh6UsBeNF1e2LBSm8VLQdHu8Gh44kxVJUVP2gFsZBD3Uq3bJR9D_hKoIKBCyeuP3uIrFGpt3upV25GGQXcQXRe9H_rFyyatREreJLV-ArHQSfEc7T_28HbHOmb9asCwjwY9m5GMrXJFpReA19cZ-AURDlbI5S8xwwUJX3sl0XOHo9mzuSWgVyI0lClA75GlmwWPbABhZd6fnZWdmHFETUfljiR94yd0bcoULdJaXcZ7juhLa9jW9hG9TRAoBL0m42QyNx87D9jrEAts_PP7dTdPnqh8yF4pclhq9Qbf6S45iiFLVfE&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 03 Jun 2021 17:28:56 GMT
frame.html
ad4m.at/ Frame 73A3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Wed, 02 Jun 2021 15:00:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
839092
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a6e9fef9e00004a80e5850000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=42ILT%2FyEICrMNspiVEajzHYpejBjcNHW51umO8nsbVsj6eVPVC1ybzcbfDB7FUjgwojsYtSCd%2B%2FlsatE1dUqvgDaLsOKYACblD%2Bmb6N9fOE1riukoB6%2FuN9KivBpuoXv"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
659135c5cba74a80-FRA
content-encoding
br
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0995 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46787
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
truncated
/ Frame 0995 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d6b65c1d62446c56caeb2ca26462a9f336801b110749cd042e2cbb3f266c703

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame AE9B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Wed, 02 Jun 2021 15:00:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
839092
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a6e9fefc300004a80e2341000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H0QnXsl%2B9yN8p9KzBS2Ei6wsBVH4Cp5eYRs%2BFxiG9tNTtBg%2Fbs2u9douuYw%2FTqys0A1AA6IOAuJ66RGTuOin%2BYicu5eWjd9Bn6jsuDcFNbK%2BBEFFpKSclL6KODyhnvQ9"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
659135c60c504a80-FRA
content-encoding
br
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/ Frame F95D 		3 KB
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac342e215bb4fee5b8fd07b19c69fdea6065aa927d364178b368de3d11cfc33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
952
date
Wed, 02 Jun 2021 14:00:48 GMT
expires
Thu, 03 Jun 2021 14:00:48 GMT
cache-control
public, max-age=86400
last-modified
Wed, 26 Aug 2020 06:41:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0995 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRmCNNEKrWihEAqZOwfO_PBibf5gKrVZRwWef1ClElfklDgOBVqyY2khnadp4gImfxxDPYHPitffqSc892egIfdLWegv-hTFgWsdWSzcTPdWnXdhqeQPWghDq2dSajm84Opol3JjJCk47QmOajdy6wiuOHiDzQt1laKDaUj2G-EC63LuAPMvQt4t9us-UJOECQwLzQqptXSP9YnBS-96vJtaMd62pQP37Idv_blz_lWZVWOqFNCMHNPs5QVsv_bGc2aI--JZmkIZiYGYShL0hBHw_zoex7sKrdE7PH7h3yVB3BqYkU55zaWowpos0IY4EtTVql6Ukdl1ZGtlF9GxZnasfNv4RcqKYYekhCe1EG0UilB3jYf3-cCk8hJOoAOqgrnKNh73AjfuEy8-DC9307xKd76uYtuCt8sUu7btS1c0NVUO7lPgwW70m4jMAg3byibiQJ9-HU5XNYL9rE6_xIuJbUscI_I7P9-CjNQP512dPpzSojiBN_UHQz11Y0jgsGgfw7w0shuf-etOtUZ5ESQf2z3YiOO2OoY69WSGOOfR3RMDxdCXNFnkc8T7ds2jVTBYypq1I0ypJgVi4heRoVCsa-fZApYq9J7Ywujm_NAFtrjxRDH-quQ7YDx6s0Tp9DASC7Pz_alabqAI1RCs009M21HDBJ-LequqbPPZqK2DxvLb98QkhNtwQk4u6npcSYuxrjhiFbKHysd72utNxyDMBApKGwpv7FkXR8HovaaF3oiSR0PSzf5pjkDbFPCHyulh1C0jDOQqLamOwbnxL1xtkQoZsrqv711SFigr2pN0SrJge4ioNX74YXbv6dIRvg-Q2AiZUsby2Vbx_ymmCWudh-2T-v0pB6WUCsbo1WY5xiOJ-7Ou5Sl7I7QnnAezMM78Kt38b4XcROv0YkhC6nKz8Q7gjRcdqtpHx480sh_39BuiPjDrYB8TSWOydEJUDonpS6wPrQwviyuYH7_EMhQ8PiQkJ_6vhuClrGe-vtHfoiwf8qPVdNmh1YlWGzuqJFYwcvXQCZU5U4D9K_16WDLqf3804aJrazQ6yshLPnU39AtEzM_UcMtT09gm2MaYlADB-STUT6xlEsVbQ_PQUlW9ew-o7BRRZW4Xw_ulaQgK55p1bE76qFYb1tMTuOxGgL60IStueu3_nrtE3R7wI0qlZOSDfoRdeRXuAoCtuz3db7aNVsYtXfwUmZFZh9ooynKdYAJ9bTjNXfslsEIZdD&sai=AMfl-YSAyms5Cwxf14WAxHQV8Yn8Z_q9vZV2oRjPNy3YtKpgUbWpwu6-N7NIVnMRMCGDnzD6gI3pz3gxTKN9TUiBvDtI23KkKokpakzg5i8caCek6J8l8mTn8UtRyxx9NR-Nn5qLLwvHXbK6VZk5ayoMJSzWUJm1vWQn98FEhXimmYZHlq40tzNDiizaB4SjFP8q6Ax1Z1FkUW8gr8Wq0N7zRaso6lHo9B9g-Wc3JWyKuw&sig=Cg0ArKJSzMpo3mmqJ2AzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&cbvp=1&cstd=226&cisv=r20210525.21974&adurl=
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 02 Jun 2021 14:00:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame AD44 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Tue, 01 Jun 2021 08:33:34 GMT
expires
Wed, 01 Jun 2022 08:33:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
106034
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB71 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
104570
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
file.mp4
r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 645B 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsd.c.2mdn.net/videoplayback/id/b36546fbb0fd771e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764754376/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/53EC7ADD6075757FCCE74AB4C32EB4B2BF64D8FD.6ECA386E747995EC41D33DD4F07E4E39875B5FC6/key/cms1/cms_redirect/yes/mh/1x/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1622641947/mv/m/mvi/3/pl/50/ir/1/rr/12/file/file.mp4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
6f4c82f94bcc247bd81040e46ce805d3bfad61f6b4cc513c2433825b9d95a13c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2220964/2220965
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2220965
expires
Wed, 02 Jun 2021 14:00:48 GMT
last-modified
Thu, 06 May 2021 13:06:15 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
client-protocol
quic
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 1297 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 9A56 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 7732 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 3C38 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
Enabler_01_244.js
s0.2mdn.net/879366/ Frame F95D 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 14:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85758
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:11:30 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F95D 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:00:48 GMT
TechLabViewabilityEvent_V1.0.11_alpha.min.js
s0.2mdn.net/ads/richmedia/studio/37408878/ Frame F95D 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alpha.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c5bba0f3722cc45092baac3921cfade13565f3cc004cf6c7c2ac28125d04cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
957
x-xss-protection
0
last-modified
Tue, 22 Nov 2016 10:16:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 14:10:22 GMT
ad_setup.js
s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/ Frame F95D 		4 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/ad_setup.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c426ca4dd96a20f732c5c803b9fe4a2bfcead93bc919943ca304bbb603ec703c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:51:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47368
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
920
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 06:41:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jun 2021 00:51:20 GMT
elespacio_victorinox_midfunnel.js
s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/ Frame F95D 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/elespacio_victorinox_midfunnel.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a129254a4566619659c5ab635d4232f962f1712c6534146771e562635f4e6723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54328
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2899
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 06:41:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 22:55:20 GMT
/
a1.adform.net/adfserve/ Frame CBC7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/adfserve/?CC=1&bn=43776674;kv_key1=46068091;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C1fPGD4-3YM37DcHX3wP5yonACNydmotjs_j0-7MN8C4QASCXwNofYPWVzoHgBKABvain3QLIAQmpAomacF2PerQ-qAMBqgTOAU_QHFJxEToIp5P4M_dSzVtqVWPzrG0XEQz6DtBBbWdhKvqBjQFLzFNuvUwfYHAw-X0q6mQ_FWthGx0sgwomc79O_W1Kmo9wx6KVx-p_Dvrg4VQUwi4kFi0mokzViQj_rewUswSPpWRybSw3r-FtqlfhrUPUPXIPtcsCcvf_KBnRjDH8TNuQTt2AZjw8ZDAisFewUB4FKlaCnqprJntY9hwWpuezomBugOGBezcWkOPKk0FAO410vQlztpNVKbIvHbSf2eIvT_aUrEbIv1_4wASS-IvttgPgBAOQBgGgBk2AB6vX2KIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBOXs8sL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&sig=AOD64_0CVXRCo095ywyIAE2K7a78hy2y1Q&client=ca-pub-1274416353693598&dbm_c=AKAmf-B3tA3JcdV5mCTTjmoKEacbgHpafLMjMYQlSiHE1DXSBSG9kAIKuEgrYWopKAKZPz4F34m3vVjchc5IR-At9A5xNPioDk-CEQLZmidHKYCTwDam8RxYqD78JwQS7phfaAqF8gjQqZ-ekSnO6xnjdtGTbaX98A&dbm_d=AKAmf-BTD6jJO6pqRTu3Bgrb4ZUXa1j9yumEDz8zYjroDaViRnZjMCTorDVx5ZIUE3z1ELl9e66abSdxRoWxL_q7UZ3Svoh8WxmOTC5PEn8Zjok8KIny8Wa0BHGux8r65_NEO37FsxAVJH79_4AUnG5M0-kdk6w8xu-kTs8Q_2pftnzJh2DrVC68Mq8ZQtSTcfYbvB5qHNRgwel0JBX6cRElJ7jPrxpultNAhE4p-fgvhKPBjBlBM9WH9nNrq5_D27OdZEfV6TZVO7jC6xsfHCiPJju_fg1S37hOoxGWC4LNXgkq2z-ni3QPIr8Q9AnkIVPkoyh3TP_EA8CYfK11xjv8w8mifZA1bVWqSDUNQCestOKcdM2wA-iC58K0yv3dFIesHc7rizCEZrrJHVHO7spLBZv986ODM4nUkSNJe8cSOtrk-ZerfB8bROjqH1SJHguYnQhn6AxC&adurl=;js=1;adfxid=1x;4579;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fengel-orakel.de
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ac814aa302070b27cf37e9cccef92656695bf8f221cc2c08a31e0d67739db56d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3814
expires
-1
/
a1.adform.net/adfserve/ Frame 1852 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/adfserve/?CC=1&bn=43776674;kv_key1=46068091;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CWihED4-3YMz7DcHX3wP5yonACNydmotjs_j0-7MN8C4QASCXwNofYPWVzoHgBKABvain3QLIAQmpAomacF2PerQ-qAMBqgTLAU_QYj6iEPmH7xU3CVib6Ri8xMuW5A6bnrat-QU2uZtMdnC7XtuBFjABHLM_P_uUJm0d9Zb1vVp9E7nAAwxLx3kW87xbnORtqCrt8OVjUypM2g02sNKvIpMlHnJWOlxeeu01DzidzIM-xDJN2F5ulJYVam4T57ED8Y7h0WMerKrwnL5Try1yxzyhroVnCdSCCIudQ18tp-DMDhPbPS4AVAW9ylSJdUXxu1sU8vrgMiT2_mOEgOC4H2cMmc33_UUKDJLI8Rqk7pe-M-d1wASS-IvttgPgBAOQBgGgBk2AB6vX2KIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBOXs8sL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&sig=AOD64_0MrLOY1rq1lSvBxNgm4v_EagOwJg&client=ca-pub-1274416353693598&dbm_c=AKAmf-DAZC-7WLLQ6Qyxnz65AjQQKEDap4L5rwitDZp6EHQnZ1WBEoobVycxc6AGPuc53VX2wEo6ubIldOHDyBWN5JW_rCUSguQ8VPx44hyjkJDKcBFLCABiXcjtmVwDdx4O4UosRTTreJtGit8H6t9naKYvDbQdWw&dbm_d=AKAmf-CCSd3IELHbnNRiWHO8XTXHmIFZ6mfIjj8H-ixbv_UUAaWdzXhXOCHFjTWV82JfmHUuk58cwXNqAVoIA4-uxOcCWqAd304k5TjR3L1LPNLwLSJ3-PNqgqm4DYxNSwBNnH2flMaNUT6eyommCe44kGqh6UsBeNF1e2LBSm8VLQdHu8Gh44kxVJUVP2gFsZBD3Uq3bJR9D_hKoIKBCyeuP3uIrFGpt3upV25GGQXcQXRe9H_rFyyatREreJLV-ArHQSfEc7T_28HbHOmb9asCwjwY9m5GMrXJFpReA19cZ-AURDlbI5S8xwwUJX3sl0XOHo9mzuSWgVyI0lClA75GlmwWPbABhZd6fnZWdmHFETUfljiR94yd0bcoULdJaXcZ7juhLa9jW9hG9TRAoBL0m42QyNx87D9jrEAts_PP7dTdPnqh8yF4pclhq9Qbf6S45iiFLVfE&adurl=;js=1;adfxid=2x;5172;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fengel-orakel.de
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a0316b38a495bd2a966e40ac01799762bfd442201bc8e96bcf33ca075fa5eca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3791
expires
-1
6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
pagead2.googlesyndication.com/bg/ Frame AD44 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 10:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
11550
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5787
x-xss-protection
0
expires
Thu, 02 Jun 2022 10:48:18 GMT
frame.html
ad4mat.net/ Frame F8EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:659135c78aa64ec8:FRA; path=/; expires=Wed, 02-Jun-21 14:01:18 GMT cf_use_ob=443; path=/; expires=Wed, 02-Jun-21 14:01:18 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
659135c78aa64ec8-FRA
server
cloudflare
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame CB71 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0995 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRmCNNEKrWihEAqZOwfO_PBibf5gKrVZRwWef1ClElfklDgOBVqyY2khnadp4gImfxxDPYHPitffqSc892egIfdLWegv-hTFgWsdWSzcTPdWnXdhqeQPWghDq2dSajm84Opol3JjJCk47QmOajdy6wiuOHiDzQt1laKDaUj2G-EC63LuAPMvQt4t9us-UJOECQwLzQqptXSP9YnBS-96vJtaMd62pQP37Idv_blz_lWZVWOqFNCMHNPs5QVsv_bGc2aI--JZmkIZiYGYShL0hBHw_zoex7sKrdE7PH7h3yVB3BqYkU55zaWowpos0IY4EtTVql6Ukdl1ZGtlF9GxZnasfNv4RcqKYYekhCe1EG0UilB3jYf3-cCk8hJOoAOqgrnKNh73AjfuEy8-DC9307xKd76uYtuCt8sUu7btS1c0NVUO7lPgwW70m4jMAg3byibiQJ9-HU5XNYL9rE6_xIuJbUscI_I7P9-CjNQP512dPpzSojiBN_UHQz11Y0jgsGgfw7w0shuf-etOtUZ5ESQf2z3YiOO2OoY69WSGOOfR3RMDxdCXNFnkc8T7ds2jVTBYypq1I0ypJgVi4heRoVCsa-fZApYq9J7Ywujm_NAFtrjxRDH-quQ7YDx6s0Tp9DASC7Pz_alabqAI1RCs009M21HDBJ-LequqbPPZqK2DxvLb98QkhNtwQk4u6npcSYuxrjhiFbKHysd72utNxyDMBApKGwpv7FkXR8HovaaF3oiSR0PSzf5pjkDbFPCHyulh1C0jDOQqLamOwbnxL1xtkQoZsrqv711SFigr2pN0SrJge4ioNX74YXbv6dIRvg-Q2AiZUsby2Vbx_ymmCWudh-2T-v0pB6WUCsbo1WY5xiOJ-7Ou5Sl7I7QnnAezMM78Kt38b4XcROv0YkhC6nKz8Q7gjRcdqtpHx480sh_39BuiPjDrYB8TSWOydEJUDonpS6wPrQwviyuYH7_EMhQ8PiQkJ_6vhuClrGe-vtHfoiwf8qPVdNmh1YlWGzuqJFYwcvXQCZU5U4D9K_16WDLqf3804aJrazQ6yshLPnU39AtEzM_UcMtT09gm2MaYlADB-STUT6xlEsVbQ_PQUlW9ew-o7BRRZW4Xw_ulaQgK55p1bE76qFYb1tMTuOxGgL60IStueu3_nrtE3R7wI0qlZOSDfoRdeRXuAoCtuz3db7aNVsYtXfwUmZFZh9ooynKdYAJ9bTjNXfslsEIZdD&sai=AMfl-YSAyms5Cwxf14WAxHQV8Yn8Z_q9vZV2oRjPNy3YtKpgUbWpwu6-N7NIVnMRMCGDnzD6gI3pz3gxTKN9TUiBvDtI23KkKokpakzg5i8caCek6J8l8mTn8UtRyxx9NR-Nn5qLLwvHXbK6VZk5ayoMJSzWUJm1vWQn98FEhXimmYZHlq40tzNDiizaB4SjFP8q6Ax1Z1FkUW8gr8Wq0N7zRaso6lHo9B9g-Wc3JWyKuw&sig=Cg0ArKJSzMpo3mmqJ2AzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=466&vt=11&dtpt=232&dett=3&cstd=226&cisv=r20210525.21974&adurl=
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
frame.html
ad4mat.net/ Frame C136 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:659135c7ab264ec8:FRA; path=/; expires=Wed, 02-Jun-21 14:01:18 GMT cf_use_ob=443; path=/; expires=Wed, 02-Jun-21 14:01:18 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
659135c7ab264ec8-FRA
server
cloudflare
/
d.agkn.com/pixel/2455/ Frame CBC7 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2455/?che=85495&col=1801905,1570409%20,5545745,0,43356409,8130143762041940301,3728092294030680943
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.175.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:48 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame CBC7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03f86b97e2893172cc8b683ea96e95e9b59bcf3b7ef5c154c7570742cbb3e9fb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
d.agkn.com/pixel/2455/ Frame 1852 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2455/?che=50163&col=1801905,1570409%20,5545745,0,43356409,2641621312494193775,3459499700000477552
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.175.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:47 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame 1852 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ed3ed9916f4b611baac1d7407e0b01e009aaa0f92a208b5cc304b414dff2f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 1852 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 03 Jun 2021 17:35:31 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame CBC7 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 03 Jun 2021 17:35:31 GMT
29204_20200825233932411_victorinox_ch_mf_generic_animation_file.js
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20200825233932411_victorinox_ch_mf_generic_animation_file.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/elespacio_victorinox_midfunnel.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
affcfe0b8ce82bf8388ccb9602a6f47027643a0a0f59b597cd9b76b6ddaa4194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57002
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3520
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 06:39:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 22:10:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F95D 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70e32cee23c7875d1e287ac8bee6af50cc542a125d293b469888d95c0e9aa8ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4147
x-xss-protection
0
/
a1.adform.net/csimpr/ Frame 1852 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/csimpr/?bn=43776674&csi=SUPmRGoIbeTHmGXZOGJJVEPM60hxfGGLADbYV10lTEPy4bWIz2rQqI3L7uHsyPc3nqDh9frok6YdQ5xffVreYLvzVPqWpmtnxaMB7E3Is5U1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F95D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:00:48 GMT
/
a1.adform.net/csimpr/ Frame CBC7 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/csimpr/?bn=43776674&csi=v-U635jjUptewa7Z1SNd-xzg0rYZkGUTADbYV10lTEPy4bWIz2rQqI3L7uHsyPc3TQK6zmHeVo7cPiOI5NMk8bvzVPqWpmtnxaMB7E3Is5U1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
7907609.js
s1.adform.net/Banners/Elements/Files/2040031/7907609/ Frame B17A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/7907609.js?ADFassetID=7907609&bv=3074
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62d4ed118ddebffa743c39b91fe5b433dfafb18c665c5d52841259178661f3da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:48 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 11:12:33 GMT
server
nginx
etag
W/"5e847721-15d3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
29204_20200826244818058_victorinox_ch_mf_generic_animation_settings_300x600.js
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20200826244818058_victorinox_ch_mf_generic_animation_settings_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/elespacio_victorinox_midfunnel.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e0ca463db8ca74acdff8a9e9ee85f9edaf7517427a5bb1a706320a032984b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:55:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54327
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1551
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 07:48:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jun 2021 22:55:21 GMT
7907609.js
s1.adform.net/Banners/Elements/Files/2040031/7907609/ Frame D436 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/7907609.js?ADFassetID=7907609&bv=3074
Requested by
Host: engel-orakel.de
URL: https://engel-orakel.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62d4ed118ddebffa743c39b91fe5b433dfafb18c665c5d52841259178661f3da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 11:12:33 GMT
server
nginx
etag
W/"5e847721-15d3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame 08B4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
16935
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame B17A 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:38 GMT
server
nginx
etag
W/"609e6e9a-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
index.js
s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/ Frame B17A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/index.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
95d849dcdd929c57cfdd62f2c2bc3254b76c69cd65937babfddc8ad0809c3a59
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 11:12:33 GMT
server
nginx
etag
W/"5e847721-4971"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html
s0.2mdn.net/ads/richmedia/studio/37408878/ Frame 1BC7 		1 KB
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alpha.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f400b330b4f0c7b7228368489ab2d9938dc3552cd8a8cb7415b7ec58a49e922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
575
date
Wed, 02 Jun 2021 13:54:56 GMT
expires
Wed, 02 Jun 2021 14:09:56 GMT
last-modified
Tue, 22 Nov 2016 10:16:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
353
cache-control
public, max-age=900
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
29204_20191211075549011_300x600_cutlery_swiss_classics_f2_bg.jpg
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20191211075549011_300x600_cutlery_swiss_classics_f2_bg.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8715d4e5497a875ae13c0de0df471d1aa31aff230eab88fdc00fe320ce2cc9ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:19:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Dec 2019 15:55:49 GMT
server
sffe
age
42064
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20822
x-xss-protection
0
expires
Thu, 03 Jun 2021 02:19:45 GMT
29204_20200416060444870_300x600_cutlery_swiss_classics_f1_text_en.png
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20200416060444870_300x600_cutlery_swiss_classics_f1_text_en.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
579f22d28ea729f4e8815fcceaaa15c0720729a2de5ba75c1de24497034a2f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:02:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 13:04:45 GMT
server
sffe
age
57513
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7665
x-xss-protection
0
expires
Wed, 02 Jun 2021 22:02:16 GMT
29204_20191211075552845_300x600_cutlery_swiss_classics_f3_bg.jpg
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20191211075552845_300x600_cutlery_swiss_classics_f3_bg.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f6b58c7303342fd24c95f35e8420c678a613036707908db3c223a9146c5d53d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 19:57:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Dec 2019 15:55:52 GMT
server
sffe
age
65016
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37267
x-xss-protection
0
expires
Wed, 02 Jun 2021 19:57:13 GMT
29204_20200416060505277_300x600_cutlery_swiss_classics_f2_text_en.png
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20200416060505277_300x600_cutlery_swiss_classics_f2_text_en.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21562d94c464eca38dae2ec326d1df2d66d98daab0a93d2457f925abec6106de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:06:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 13:05:05 GMT
server
sffe
age
82464
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7808
x-xss-protection
0
expires
Wed, 02 Jun 2021 15:06:25 GMT
29204_20191211075529237_300x600_asset_shape_white.png
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		265 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20191211075529237_300x600_asset_shape_white.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1541a3aadaf6cbef7fd7c59aad279836fca47445ea4ad1f88f4535ded557a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 08:02:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Dec 2019 15:55:29 GMT
server
sffe
age
21486
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265
x-xss-protection
0
expires
Thu, 03 Jun 2021 08:02:43 GMT
29204_20191211075525597_300x600_asset_logo.png
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20191211075525597_300x600_asset_logo.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bd8f11c9a23815f0d666b95b8abc0c5feb1c8544eb941327149c989e72464a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:24:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Dec 2019 15:55:25 GMT
server
sffe
age
48999
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2892
x-xss-protection
0
expires
Thu, 03 Jun 2021 00:24:10 GMT
29204_20191211075315814_300x600_asset_cta_en.png
s0.2mdn.net/ads/richmedia/studio/29204/ Frame F95D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/29204/29204_20191211075315814_300x600_asset_cta_en.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf49f1a8735373e7b36b7f35426b266d9679186723c16dbe0b29e8a3e931f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/index.html?e=69&leftOffset=0&topOffset=0&c=8SI6eBOg09&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 14:11:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Dec 2019 15:53:15 GMT
server
sffe
age
85730
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1448
x-xss-protection
0
expires
Wed, 02 Jun 2021 14:11:59 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame D436 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:38 GMT
server
nginx
etag
W/"609e6e9a-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
index.js
s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/ Frame D436 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/index.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
95d849dcdd929c57cfdd62f2c2bc3254b76c69cd65937babfddc8ad0809c3a59
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 11:12:33 GMT
server
nginx
etag
W/"5e847721-4971"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1297 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCU-RD4-3YK3AOZWo7gO-0IXgBQAAAAA4AeAEAg&bg=!nJ-ln9vNAAaMan2LjGo7ACkAdvg8WrG6t0SDgQXZ5hA4iaMVrwsDxXQzedyzkyZVKUbj08Al-eHvrwIAAAJSUgAAAGtoAQcKANOijs4rbsCFhFUfJbJfYR7YTDIqpmBvC4kK1gBF7Vg3ZdhM_NqAAPQQ2cZFfxi-0S8QPYsJaxsGK6ZWVi2Czk6rAa9k9OQJ5DeiJ5tniAoyfnE2KFy1e-9VmhaN3VthQWivlF5PtjxW7AnDP9UUPDK-aZJP61bb4Cr4urDJJ3ulv2_urV2n3rpBWlf6kXzuZBKcU7-fyMfQucIkPPgqe5_MoPh7BvNT-eclse74iFFpsIhX9ugWx-bWCvsGUpQsgCMPccEWenTli7c8cOBpahINEfQomQKTeP2TMl0knSrMX5GJyI8QFU6ukausLKdp0KE8Exb1S2sUvVlLh0HB6y1HzNzypN9GkdaedxnMmbeHz6jwr0585c7paWDJ_exT62AXrLzOmCVp7vrr5sXblP4YEhMRsVkGCq919BNf9eGR6OszbGAA_h58LCJxOm9L44c0tnKNJrED1QgezZTZVNAv-_p23wPvSN8QYYg6jup03gPirKzRZxteiVoryUmE-xl53GxIg8QW7ZhQfXcqzzp5UVyqaqK5kCGPv3UXW_WfCGr2iMfVF6tkXwXazrQbCLIwdX2Zo5bvvxi5BDU9061EtWLulaf1swz_0MnfzmLL8fOlvBFoekiN9TnqJ_2VPEbIE3hIwnJcCcNZwOw3XDSF36D8dTy8rNNyI0-Uc35-c3KUTL_FjPdYfW9gO417EoCSgWU9_uiLI3KYYrMXtIVUHyE5PHJKCawyx5zeR9TfAvOyBYoGTTDq-2fpPXVC-aLWTpbj6b2fH1qNMgaKY3WkCEjijH1m_6bkT97JM4Qsd-GT6Xp6uYd42WPp_BzcrFml54zAHwmI_3x2x2hXlSslgUZ7mqhhBas5QzhzX2BOjlLdlEva9ZmmGQDDxkVI96yB2Oi7IWV8BIracrLHFKTD837KUAyNgDOPG6SG_nYGYqxn5_69RzDrTOynBOOyTB46cqidiSfZ1awPobgTD51i5jC24NWu3rZh9E94izKs1msbBaWn3zbq9HMH8NVnD6kv3MTjf2O9bxtIGYYNmMG1NuYqFchd5THuo_BQZr1KwVvb1WDsiHWtI7G1av76UC9Oq8vCeoNO9sfQ66cD3q6ZIZwls9AaYHQLGZZUEsfu41zOsNPLcm-QyJIHo2oIT6fG-qeFJyGR1_I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 645B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kpfjf1yx&c=4085239124266&slotId=2042619562133&qqid=CI6_qJWO-fACFcHrdwodeWUCiA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=986&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2c0f:fb50:4002:806::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A56 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0xlnD4-3YLmkOYWrgQfX-6uQAwAAAAA4AeAEAg&bg=!VValVhLNAAaMan2LjGo7ACkAdvg8WsOfuhV1CZFTkOVW_JAWUdhV4Jic-d47Y_iOTtaVC8ckAFotMwIAAAJOUgAAAHpoAQcKAN3rRnubMCY8TrdppXSFTI6je7uMWBBKmxbmRrZbo_p27xtzfVBJ2uV4bckEwtvQ2bwqAMiLPSp6v5l0ckcvcug_EsaqvLAjuBn9oNmRqcTesk82pn3h2DcdBUjUS1OpsZPM9Lhbqf57RSpl1Kx2-y2MT-VOu9uutHeDsqLm4NIfghDXHBAyzgX-HBK9k86T7dIEF4Gk1t0yvvGYzkqy2d70Hfy54sOhQkxTW9RXiuByAduF2CEfC0S1UZ_FwwFEph3Nsg9BhfFEF90ediOG3XMZcWPxiSn2dxLDAH7NhJkCnPqHMcg8LqTVt7jpOUOjID63-gRt0hWFlPi23A6N6aWWUFIdLR4zOnFOrFsxSuKJnbLhztfxxVmDIsvvohEXHmCLkHQhDKPG0GhSfWA9HnalCg5LJBMaou3-gTXb1AvbRFZBWzRkV5u_N_lP3j8tyXVuu7nFdpKxGfOoCNWsKBsjKKe-zZRHqErgOeEQWz7nzuunBKma_NMN7Yd7aWi6CXPYARgWKdm4wFBH_ygDY2F3X-nYTD0JilZBW0DD-nN9CKnriq-GoW-ig-Kpvt6AhD28UgbEtPjzDX1i6LF8Ehh6NLthVnbzRwBZMi2FfrnBbnFaRXx-OXeJr2XejowA0l2MFsLFtapVhviUrO5Ua-GcwASnZVs73g3T5PyOk2tm8fhHBrZdQr7G73aLBOv9dV-2mq-8Q7_vQ3S5K7u2PC47fxmx12VngfqGt3tA7sg84dnAY2PfZLu7CdB_m_FIuP9UUKrDCO-rBXFLKGkq1ZFrKpRZPz30oEJMaHI7VdD5zXVUsgKRwBb5r0CQvjK64bQ-68t1EbCEQRckf-gi24P-LMCps_cvZfVe94Ef0v5d6K_GwsUCGxxG8mz0smg232y8JDKda7x0uE3uyPUHLvOpnNJKb22VWd3QmzLwVYOVb7Pe8lAcMMOxLEZ7Qkur5sQSBRr_JKDbrl-oHv3aImhhluIAl6TS7Ij4PQJTXu29cXmoududs3eLqYMPvnQkv0huomaZ4-Yvxp4_ZtXG59wAd0z0-uVBTcl5NHLshnkkX-9pNABRML3jJMeEWSmbjSLwDIRH5GCMhe0BCVFqxFzMoVrNOwdn5OHdoXzpy147mc6IvlrZ3MDRkOuy_x4QUI_gYQZiVAnqgrMP-s406fE4rZ0Bu7riE1J8rVP4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
127a32180c5a99c36ca7fe19a4a2bf96.woff
s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/ Frame B17A 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/127a32180c5a99c36ca7fe19a4a2bf96.woff
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
636bb05f340e39f12a72264e288dacad7f9ebfa7e1ac96a5b42eebf75a97079a

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
last-modified
Wed, 01 Apr 2020 11:12:32 GMT
server
nginx
etag
"5e847720-f418"
x-cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
62488
127a32180c5a99c36ca7fe19a4a2bf96.woff
s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/ Frame D436 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/127a32180c5a99c36ca7fe19a4a2bf96.woff
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
636bb05f340e39f12a72264e288dacad7f9ebfa7e1ac96a5b42eebf75a97079a

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
last-modified
Wed, 01 Apr 2020 11:12:32 GMT
server
nginx
etag
"5e847720-f418"
x-cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
62488
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7732 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxhUtD4-3YPelOp2LjuwPzYezKAAAAAA4AeAEAg&bg=!ZWalZiLNAAaMan2LjGo7ACkAdvg8Wi6WLIU01mrY0sixR7TYy4ffED1UnYL2IeDsMiDpWivet6dOTwIAAAKHUgAAAG9oAQeZApWR48KU9xtUwYmT1SONMIYsviQ8ZVy0034ornxa16Ixzwk2e9tXJe7PMDtgnqYW0X3OOXalWzLos09rH0dUCnESp0bo5V-MTQQffHdUJbIGRSTfER9TpmMGoYml8SBXGt8GVxEGqVxOVUIoYD-Iqc8y32Yz3zu_xi4c613iqeAqH0qoC1lGX-vwZECtmWlPxU0KZl2ab4mQKM0tT2y-4Ty3LkPi-uIYRfUfIOvx-cSxl5CDq9xhskOPQd08MbH1_QYXItw2BQynkG7Fdybu8cxcqyZrxlI2y058r8dYFHQSR_8DrW2Slk2AkltKfBo-IKTh-u4zLib8FUA7k1DW0F6jyt54mYReI0gah_bRyv_x6VwHGfWv-glIJzXbiLgAW6xgyr8zXTLaFLzeLp5Fm71msDHsebY9ozyfxRQpI9NZz2ECsMNHTK_cgk73WFZqP7MeQVsuN44IfycKj_2LeMXbNz5hVM5pA7QZppLICW8vSexPSYeTYDUUCz3EhKEpUfyyFIDSjxPOv-vo6WifxZUiDytXFfm-is4h6R4e4cnGKnihSEu9isLFlAygRDmk6wzhvBh-MLkdMHiaIY0XxQKfpJKTIwfSdEzJtZ_gHJHLhWnbXvo6Tw-cbMWPf1d2ZCM2WrI1RGjoGVqABdWBa6ypLF3ns6TNtln-skh5x2A30a175kH7oF7kAmEByYohQN4wo1qJIy8jEHty8Vx3sYk3FeAql3ipOfBKKLqAFkhfredIfCHGRJ9Ft9Dn2g7cC2wDpphXr37NHWOkiHzw_xahE8MgpYE4kqschIQXq-lXTM8VdFdZbZs-CsUVKalm74dPozQol6nrJIE5Q5SkmU1uYBHxxoLNSdsmxTuRk5GSaNbvhU8s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C38 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzEAFD4-3YNbROsqArASCh7fACAAAAAA4AeAEAg&bg=!xMelx4PNAAaMan2LjGo7ACkAdvg8WmLxyuL4m_VeGqxe_BRBYGtSdbBurpPoasmiqc0bD4Ix41F9lQIAAAKMUgAAAGJoAQeZAony_SKEcAudOwIJQh8uZCFHuToWoiSkW2bB8lRaxIXpzWA_o7i5ttmO5s2BHWqFN2z4zIu11j5BQFcGPv80nGwH4aJ0eJ9JSY3EPM07zVRCAIcHXEBKxVp9wtqvfBj2IDkUl1bRYMP52JsAQsyA7GDeLJWUMPTkLKpzrAmGI8O6Rui89mv6hmTn8A9UgnWpxAqZkIvke1m_B7rWFxpBDHHnx_pziINwsantc4HJi0xRbHOE2a96Y3jzlbH3rwN6eEcr9s4qTze2vqzPt6E8w_SI6OyKw0QBe6qWazAFCiKkSbT7cCJLjbM9rfts1u4DdZu8RAiLAD0xD_CSKuBDUOATDSaCfI_lPwOTFzjPeyw8gu29ABgqAMEllzx82TpnkqofRqaC57fX7OHJ8VurieX6soBFeKa50sQtW0b_o2eGOmKEfX6ul0_qj207Cyq83zeCl0Lyo1tGnDl29Ls-5krYg-HS5ULrUG6QirzwM9hT5wokaELYFN4mxmkemFJi9tnrP2D08uHztlHexuTDFw2HgPItMCMHwLoz95ZiTrPvesW1vyXXXZV8lijdgqQFVPy_6MWZUa81h2BbEDihZiEXny1ucZNAnte7YLv4jJXH_nE-H678NXWi3t28kzqZ0U3MnnldvniNiBMyq9p2xXOhdpwMC85dpcVT74Cp5L89UdVqaV_4WwskjQ3qiePjutoSmMBuRNPfbbl_-LX_5UDD8cI2arjY9VqRTxUd9WWoRG_k6Q2crWDg6LbE4a-fS0ZKctLdVJwqNRLHlX9Fa0lCASijun23oZ6bjV2QxJyE0NCkgrR2OU7mT5du2cWnL-njr1I-cT88clFG5d9RLANbbXtVSjGCeVpa
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TechLabViewabilityEvent_V1.0.11_alpha.min.html
s0.2mdn.net/ads/richmedia/studio/37408878/ Frame BCB1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alpha.min.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7311079d0ff80bc71cb046dfbde1d46d6efa4fc18a85abe345baaa3b68bec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alpha.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s0.2mdn.net/ads/richmedia/studio/37408878/TechLabViewabilityEvent_V1.0.11_alphaContainer.min.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
852
date
Wed, 02 Jun 2021 13:47:20 GMT
expires
Wed, 02 Jun 2021 14:02:20 GMT
last-modified
Tue, 22 Nov 2016 10:16:07 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
809
cache-control
public, max-age=900
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD44 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BiAOkEI-3YOnkBZ-D2fcPvt69yAoAAAAAOAHgBAI&bg=!VlWlVRHNAAaMan2LjGo7ACkAdvg8Wq0Hh-qxcx6kjoXaFTb5YpT2PAqw6EE9dqgrY19B7t8YIDGxCQIAAAJyUgAAABhoAQcKALA_rzQTRqiUyaLywZsQvNl0yYWcwyGs6TFSME5ySVVZDrnLRvmP_H9HJAeM7pFiLxM5jfLHEKGMyMazRovKNDnDSMJAhdu1Rrvjm2HkeImYE4WPFiKh8TzKXS55raykkhIgxqgsW9FhjN16vD6BWNjtOa86OH3H8HHV_XUsKquo3rrmrLO5tBI2hLECCO5VIdKfpIMOL3-cec7F_OWlw-Sg7YHcYfUzNdRFoRWkLjgyBZkClyOaxuRwg4l3N4SKWDACuoI4TPeIsYZWCbHdlIhpYTXJpCIIxhrYPKG6TunRwNtLf8Ul2wudCzGPblJ08IzTHXlTqHc89zS-xBZwwIhG_Hrb4UKgDtX7IoAg6n0P99ZbNswibvIBwdQRDN9J40PoldxcPZJdTV1jVKxbgSXiNj-RDjoB41vkTEakoC4YxYI20Gf-369v2Wsm-FjnfaO8CEJbr1Tu1r_C-hyf2KHZ5dR8vIhWRJUEwvOgVLM8k4jZM9ijOnqt24kCu7qDgX7yDjn4FNfzgN-EgaBcUlBD-vYdhohU88TRXGbH7kTqsjBW9AKDvQnmizLgFHhfa8zR9sy__Aes8LhvAR3Yz0PaJqkbCRGW9oK2to9wCL9A80BecwuCDcG34ppFtuoAKAU4nV3mdR947aKR5oP7nUdKwIY25FFsAXyAezqtWVUR4SnOsmolDL8e6rS5eqvKdCX4FQrlGvugFoQHfZphvHtgB62kNp8yy9I-RM5ghbU2wgFGTaftIZ_-RVv93hkhL-9FqdFoTpSBtz-fGXehvhb-0FEMiF_DYjAfsI-mp2y2iOJ1ZKi3Qs-aZXAzgid3twB2Ops8pcla-Zvv4QJ9qQc3nb-iPWDiy-4OIQ97lhUwVBY1XSnCVVxaAYK0gqpxEwe4xKP9BbE9l7P1U-j4IGsJA_utXYauk6L-Y8NCoTbnnUHee6_Es2GfamX-UeP-H78xOLiR9p3IQYP4WZEpeJNw1XRHfXpTrHl3CNVW_pQwlEs_mAM6UiHe-2GVLX4I1_FHv3e-CGNowh6hJi15aFkGCQt40v1u-o2VIqjQHj2PD41CMYVqmY32Zjf6syUoLPyoQ5rVKBl7d98yO3f7wy8zNoRCavB3ctWD1A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB71 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-P7dD4-3YI2yO6KNjuwPyduVqAMAAAAAOAHgBAI&bg=!vb6lvvrNAAaMan2LjGo7ACkAdvg8WsgWH3ZBmP0GWvVrvx-YAxc_m2zjzqignevfCFnmkpsQ9kyyqQIAAAIuUgAAABVoAQcKAGYU0Cn4McCMAJG_c2opAqzY6gkQrGVbrCI5FWssf-lWXaxbDT45QyetuZluJR1I-aOUd73W56V535IcFDXaGpQC16aoPJ5hVETaBVNgHiHEVHWk-H5ah9--pvUXLS2pq3AbAmhvYwqZAonGvBzCh6alfVLGrCmCJuqT-nxbMXl--dSu7Vty_OuvTDLHBzcjGXenaHMiGYBc_Mp3jVTzTu9AZ2CEmnLF_hXzlrwqhunUMGX3E_4isV2rpXa2IJvmgvzqjiVcSED7xEdikIUvIThXmlaa8dxD2jxb6DP_wkNxPBR3cf781JePpNMbVAFRT48R9xQDcGnBVRKMSKSeuhy9Heo6QHOtKGy6IIwZ9MQJX6fxuo3DHgT3fnxHTV5hImtCG3am5Tnin7GMpEztnqgVAZ9tD9pIF0J3wjMD7sOgRsChgK48byO5pzUdLPH4i4A5bddzECO-vAKciC9B3odQ3DXe2PKBeWLXQ0AeoinXsGTlinX8JQ87tMbUUwuZjByzdEczqWkr-CFoOTBhBLQUes6VrTEIKOSgQ12vUjkQsCfuDsmTec6APEnNGDbTzcSK2oKLX3f4TcImEaoW6NtAiQIEvQhsKZydAT0XhZP4zQQAVFf9PI3NubHWCetiMb_ExUpYJWt7W7kwpqRktyffv01hg5QpmTrfp1Z2gpK8gPnYTdSIjwJWDHnuNM6FK31aVlJCU4jLE7AxXFzPKnAadQiJ7KeMJjupk9_GPydRO5BS8VbRqDBDBjJ244Dgrpz4bCtiKoa7Vkkbbg8RE8XRr4o1u4ivlJ7QbaIIEpbB5yT2ZmUDCfRjJoB_dyP_hd3KarD0cH2lGuQ2lYphqe_oaS9h7P1xbETN82pamBRklB7li190phv8QtzNnxceDvxiTIhVQ0Dd0zKqc9kKRmW8hGRRKcgGXvbANyuACyjhgabcdmB7LD3JrbSNbuWGWGKGGklzRDwCI57jSmwqoJplnbtAYt735wlDSX5UFdKWe8aS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1014f7ea3466761b40c244b74797bb8d.woff
s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/ Frame B17A 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/1014f7ea3466761b40c244b74797bb8d.woff
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5be663c509892a8a6f81ad6287672c71439a7dc17f5805d9a98fc45919b55a52

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
last-modified
Wed, 01 Apr 2020 11:12:32 GMT
server
nginx
etag
"5e847720-f5d4"
x-cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
62932
1014f7ea3466761b40c244b74797bb8d.woff
s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/ Frame D436 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2040031/7907609/bvpath_3074/assets/1014f7ea3466761b40c244b74797bb8d.woff
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5be663c509892a8a6f81ad6287672c71439a7dc17f5805d9a98fc45919b55a52

Request headers

Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
last-modified
Wed, 01 Apr 2020 11:12:32 GMT
server
nginx
etag
"5e847720-f5d4"
x-cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
62932
/
a1.adform.net/dco/recommendations/ Frame B17A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/dco/recommendations/?aid=2040031&tid=30234&tv=1622642449544&icid=3459499700000477552&eid=1696295&rotseqno=1&dco=2&bnrid=43356409&intid=2641621312494193775&geo=246436,10181,756&bn=43776674&gcnt=100&pgsz=2&format=json&callback=adform_com_kymubpwg4g
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
08b712c780805dc4af0617d7292fd11ffb3e3431172f109eed0007414ba695bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

correlationid
00fe47f0-54ba-4659-bde1-1079a89897b9
date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
x-origin
dcotar001prpitx
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript;charset=utf-8
content-length
2413
activeview
pagead2.googlesyndication.com/pcs/ Frame 1852 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRGfHyeX9JCCBRfmpkrY-Tj35-YTiQfm4AsqocwVWLS4aUcTj81NLuuIAzGJOrcoKHrVJRs1VsIisu3fo1E4eNJpxPSMSOOBkvToPSfbqj1WfSAejbzKImycln1g&sai=AMfl-YTQhEQoM2e2PkQcb7Gr9B4dad-nF0O6h0dr8ZbVkixfR8cyxVYyh9pfr9QJICF0-9ZwofgWbgEf4bq14jifxwXfO3ghpaSqlAnTMBdGg3dQVS_hvig3jEDx8JpcY7fH&sig=Cg0ArKJSzCGmh9SOiCvTEAE&cid=CAASPeRoRh1VMDSbUuSVaNbV7ZRd-F9MBO496nzEPwgW-bNjJCTPlCOfu_iRHhysACHUDdDDLAU1EJ9iiJx2r78&id=lidar2&mcvt=1000&p=360,315,614,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=346143110&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622642447830&dlt=74&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CBC7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4iGyfJYqnM66KycwV5Nx-3-yAvO82Pwjewu9FW9c17TUuzBRod8n46MicnwqCPTLh7b_e-1t952LGmAwbSrB6f88SWNriTMwoiU5IZYs8tJeFdjkfAKw05CQ_Zg&sai=AMfl-YSj29YcF1IOZPld_GonNuJya9y_yLpT3xq33DEGRjDoWsDGJW817liKQHIYjYXiWBHVSW3uMJcImiZFxUrSsvxN3BXZQR8e0r7c0FV0hlGjMiPDnbG1PbbBUoOdDGdA&sig=Cg0ArKJSzAI-kx2LsEfEEAE&cid=CAASPeRomVYeFtio5f3fnYeK5qThxVrakToNzMXaG-7f4D2sWZ2pEkuMS80BplVYOcBhne1e9siYT2-Bg30L3Vs&id=lidar2&mcvt=1002&p=1095,315,1349,1285&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.41&if=1&app=0&itpl=20&adk=1227044352&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622642447831&dlt=69&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/dco/recommendations/ Frame D436 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/dco/recommendations/?aid=2040031&tid=30234&tv=1622642449568&icid=3728092294030680943&eid=1696295&rotseqno=1&dco=2&bnrid=43356409&intid=8130143762041940301&geo=246436,10181,756&bn=43776674&gcnt=100&pgsz=2&format=json&callback=adform_com_3cdyzhj9nho
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6b7aa0a6ef34fd347846284d451a9db1efc8768d339f6e9c18d3d87c121bc568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

correlationid
2d35ec80-ac5f-493b-b305-275f950b7373
date
Wed, 02 Jun 2021 14:00:49 GMT
content-encoding
gzip
x-origin
dcotar003prpjay
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript;charset=utf-8
content-length
2477
hmprod%3Fset%3Dsource%5B%2Fenvironment%2F2017%2F8FZ_0235_013R.jpg%5D%2Cwidth%5B4203%5D%2Cheight%5B4915%5D%2Cy%5B-12%5D%2Ctype%5BFASHION_FRONT%5D%26hmver%3D0%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
hm.adform.net/ Frame B17A 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmprod%3Fset%3Dsource%5B%2Fenvironment%2F2017%2F8FZ_0235_013R.jpg%5D%2Cwidth%5B4203%5D%2Cheight%5B4915%5D%2Cy%5B-12%5D%2Ctype%5BFASHION_FRONT%5D%26hmver%3D0%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f9f96870cc543227a98081bdce7350bf5aa33dbfd9609b8c69472a092f063228

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:49 GMT
Last-Modified
Thu, 23 Apr 2020 09:46:04 GMT
ETag
"1587635164"
X-HW
1622642449.dop241.fr8.t,1622642449.cds133.fr8.shn,1622642449.dop241.fr8.t,1622642449.cds272.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
27626
hmprod%3Fset%3Dsource%5B%2Fmodel%2F2017%2FE00%200493484%20001%2061%202430.jpg%5D%2Ctype%5BSTILLLIFE_FRONT%5D%26hmver%3D1%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
hm.adform.net/ Frame B17A 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmprod%3Fset%3Dsource%5B%2Fmodel%2F2017%2FE00%200493484%20001%2061%202430.jpg%5D%2Ctype%5BSTILLLIFE_FRONT%5D%26hmver%3D1%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24b0bcbe079b9bef5fb897cce6bd391e8dfbe59e4c56f1adc415b797c245ba2c

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:49 GMT
Last-Modified
Sun, 25 Oct 2020 20:28:39 GMT
ETag
"1603657719"
X-HW
1622642449.dop225.fr8.t,1622642449.cds292.fr8.shn,1622642449.dop225.fr8.t,1622642449.cds204.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
56091
/
a1.adform.net/Serving/Event/ Frame 1852 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/Serving/Event/?bn=43776674&event=152&time=1&baid=43356409&asid=7907609&name=Dynamic%20Product%20View&imprid=2641621312494193775&icid=3459499700000477552&eData=SUPmRGoIbeRXtJA91LBaZeR5B96FBCPoFIdPBdhrB-XrygPkIxxfkzDPnjPbO3kTcKv4ngBCSVgejhO7hqvlp96vWmW1dlSa0&rnd=678592046&bv1=30234&bv2=7403695539484015465&bv3=Gemustertes%20Kleid-0493484001&pdata=COn22oDeu83fZhIcR2VtdXN0ZXJ0ZXMgS2xlaWQtMDQ5MzQ4NDAwMQ2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
hmgoepprod%3Fset%3Dsource%5B%2F9a%2Fe6%2F9ae6c932c447b22b377a26f0566ca8f9dbe7f659.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BLOOKBOOK%5D%2Cres%5Bm%5D%2Chmver%5B1%5D%26call%3Durl%5Bfile%3A%2...
hm.adform.net/ Frame D436 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmgoepprod%3Fset%3Dsource%5B%2F9a%2Fe6%2F9ae6c932c447b22b377a26f0566ca8f9dbe7f659.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BLOOKBOOK%5D%2Cres%5Bm%5D%2Chmver%5B1%5D%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1a471691cdb08adf480c0c7e9bf51f14c70e82ad67d4a6c485dfbd41d87b2021

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:49 GMT
Last-Modified
Sun, 30 May 2021 23:30:30 GMT
ETag
"1622417430"
X-HW
1622642449.dop225.fr8.t,1622642449.cds202.fr8.shn,1622642449.dop225.fr8.t,1622642449.cds212.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
95435
hmgoepprod%3Fset%3Dsource%5B%2Fc2%2F60%2Fc26060000f1fcbc9eaee68f67f757b8fc1caf102.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BDESCRIPTIVESTILLLIFE%5D%2Cres%5Bm%5D%2Chmver%5B2%5D%26call%3Durl...
hm.adform.net/ Frame D436 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmgoepprod%3Fset%3Dsource%5B%2Fc2%2F60%2Fc26060000f1fcbc9eaee68f67f757b8fc1caf102.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BDESCRIPTIVESTILLLIFE%5D%2Cres%5Bm%5D%2Chmver%5B2%5D%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2dbb536abda63c41f8313e9abec43cc8ec1fab6eb5817b4c0b6a2f06a0781d69

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:51 GMT
Last-Modified
Thu, 20 May 2021 07:28:03 GMT
ETag
"1621495683"
X-HW
1622642449.dop241.fr8.t,1622642449.cds133.fr8.shn,1622642449.dop241.fr8.t,1622642451.cds129.fr8.p
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
60413
/
a1.adform.net/Serving/Event/ Frame CBC7 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/Serving/Event/?bn=43776674&event=152&time=1&baid=43356409&asid=7907609&name=Dynamic%20Product%20View&imprid=8130143762041940301&icid=3728092294030680943&eData=v-U635jjUptXtJA91LBaZeR5B96FBCPoFIdPBdhrB-XrygPkIxxfk6foLi6AC1GHrwzmj1kW1knz84M0sdLmXN6vWmW1dlSa0&rnd=922363269&bv1=30234&bv2=5189794854379926103&bv3=Cropped%20Jerseyshirt-1009673001&pdata=CNfk3IPG3faCSBIeQ3JvcHBlZCBKZXJzZXlzaGlydC0xMDA5NjczMDAx0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
hmprod%3Fset%3Dsource%5B%2Fenvironment%2F2017%2F8FZ_0235_013R.jpg%5D%2Cwidth%5B4203%5D%2Cheight%5B4915%5D%2Cy%5B-12%5D%2Ctype%5BFASHION_FRONT%5D%26hmver%3D0%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
hm.adform.net/ Frame B17A 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmprod%3Fset%3Dsource%5B%2Fenvironment%2F2017%2F8FZ_0235_013R.jpg%5D%2Cwidth%5B4203%5D%2Cheight%5B4915%5D%2Cy%5B-12%5D%2Ctype%5BFASHION_FRONT%5D%26hmver%3D0%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f9f96870cc543227a98081bdce7350bf5aa33dbfd9609b8c69472a092f063228

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:49 GMT
Last-Modified
Thu, 23 Apr 2020 09:46:04 GMT
ETag
"1587635164"
X-HW
1622642449.dop225.fr8.t,1622642449.cds292.fr8.shn,1622642449.dop225.fr8.t,1622642449.cds272.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
27626
hmprod%3Fset%3Dsource%5B%2Fmodel%2F2017%2FE00%200493484%20001%2061%202430.jpg%5D%2Ctype%5BSTILLLIFE_FRONT%5D%26hmver%3D1%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
hm.adform.net/ Frame B17A 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmprod%3Fset%3Dsource%5B%2Fmodel%2F2017%2FE00%200493484%20001%2061%202430.jpg%5D%2Ctype%5BSTILLLIFE_FRONT%5D%26hmver%3D1%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24b0bcbe079b9bef5fb897cce6bd391e8dfbe59e4c56f1adc415b797c245ba2c

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:49 GMT
Last-Modified
Sun, 25 Oct 2020 20:28:39 GMT
ETag
"1603657719"
X-HW
1622642449.dop225.fr8.t,1622642449.cds202.fr8.shn,1622642449.dop225.fr8.t,1622642449.cds204.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
56091
hmgoepprod%3Fset%3Dsource%5B%2F9a%2Fe6%2F9ae6c932c447b22b377a26f0566ca8f9dbe7f659.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BLOOKBOOK%5D%2Cres%5Bm%5D%2Chmver%5B1%5D%26call%3Durl%5Bfile%3A%2...
hm.adform.net/ Frame D436 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmgoepprod%3Fset%3Dsource%5B%2F9a%2Fe6%2F9ae6c932c447b22b377a26f0566ca8f9dbe7f659.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BLOOKBOOK%5D%2Cres%5Bm%5D%2Chmver%5B1%5D%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1a471691cdb08adf480c0c7e9bf51f14c70e82ad67d4a6c485dfbd41d87b2021

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:49 GMT
Last-Modified
Sun, 30 May 2021 23:30:30 GMT
ETag
"1622417430"
X-HW
1622642449.dop225.fr8.t,1622642449.cds292.fr8.shn,1622642449.dop225.fr8.t,1622642449.cds212.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
95435
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6C99 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=110641
expires
Thu, 03 Jun 2021 20:44:51 GMT
date
Wed, 02 Jun 2021 14:00:50 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C802 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://engel-orakel.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 03 Jun 2021 14:00:52 GMT
Date
Wed, 02 Jun 2021 14:00:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame DDF7
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/yieldlove-bidder.js?engel-orakel.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
b253827fb4322a3e51281f57535cc86d30ec38f003be02b0f980b47923acaaa1

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engel-orakel.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=b7860f29-7ec9-0cd9-21b7-f28fcf835fb1|1622642450
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://engel-orakel.de/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b7860f29-7ec9-0cd9-21b7-f28fcf835fb1|1622642450; Version=1; Expires=Thu, 02-Jun-2022 14:00:50 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622642450|gekin0vNiygu; Version=1; Expires=Thu, 17-Jun-2021 14:00:50 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=b7860f29-7ec9-0cd9-21b7-f28fcf835fb1|1622642450; Version=1; Expires=Thu, 02-Jun-2022 14:00:50 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
date
Wed, 02 Jun 2021 14:00:50 GMT
content-length
0
via
1.1 google
alt-svc
clear
sd
eu-u.openx.net/w/1.0/ Frame DDF7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66d960b7-8f12-4100-a7b0-99373a6902d3
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66d960b7-8f12-4100-a7b0-99373a6902d3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 02 Jun 2021 14:02:58 GMT
Server
MT3 3736 915c305 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66d960b7-8f12-4100-a7b0-99373a6902d3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 14:02:57 GMT
sd
us-u.openx.net/w/1.0/ Frame DDF7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Ks0KsSSbWbQxzl6yJJxF4i3LUbcxyQnjf8hBLRo7
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Ks0KsSSbWbQxzl6yJJxF4i3LUbcxyQnjf8hBLRo7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Ks0KsSSbWbQxzl6yJJxF4i3LUbcxyQnjf8hBLRo7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame DDF7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3100427437163623652
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3100427437163623652
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3100427437163623652
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame DDF7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=642a3070-d74e-332e-7b61-3a67aba46c4c&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DDF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDg0NWUzYmEtMWUzOS02ZDhhLTZlODEtNjBkZTYxNDZhMjJj
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDg0NWUzYmEtMWUzOS02ZDhhLTZlODEtNjBkZTYxNDZhMjJj&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDg0NWUzYmEtMWUzOS02ZDhhLTZlODEtNjBkZTYxNDZhMjJj&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDg0NWUzYmEtMWUzOS02ZDhhLTZlODEtNjBkZTYxNDZhMjJj&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DDF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYuMerP9oluqhU_FZUzGJ4&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYuMerP9oluqhU_FZUzGJ4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2671f27c-3f24-410f-8105-4de0c801f2a9&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYuMerP9oluqhU_FZUzGJ4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6C99 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70657975&p=73726&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3c918fb1999168045d773b08c095087522484155d1b35cef0d1e574365d3c711

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bounce
ib.adnxs.com/ Frame C802
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:50 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid
46daa3c8-b3e9-4404-aaae-1a40c055a528
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:50 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid
53810c6c-d9b8-49d3-af60-f3b0a727a621
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 3872 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2782547450625433058; expires=Sun, 01 Aug 2021 14:00:50 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E619
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=361730013521623057
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=361730013521623057
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=361730013521623057
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=4EBAE9FD-586B-4A48-A330-6D6CE531AADE; chkChromeAb67Sec=1; DPSync3=1623801600%3A201_197_219%7C1622678400%3A174; SyncRTB3=1623801600%3A71_8_22_220_7_54_3_161_56_13_21%7C1623196800%3A223%7C1623456000%3A63%7C1623888000%3A35%7C1625184000%3A203; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBbnMGhH5KYAl2zHiIVEkiQ&KRTB&16514-CAESEBbnMGhH5KYAl2zHiIVEkiQ&KRTB&23025-CAESEBbnMGhH5KYAl2zHiIVEkiQ; PugT=1622642450; KRTBCOOKIE_153=19420-l9gm8pmOdfeM23LxmYlpoZDeffSM3CWgwt2C52m0&KRTB&22979-l9gm8pmOdfeM23LxmYlpoZDeffSM3CWgwt2C52m0; KRTBCOOKIE_57=22776-3882945042946080641; KRTBCOOKIE_27=16735-uid:66d960b7-8f12-4100-a7b0-99373a6902d3&KRTB&16736-uid:66d960b7-8f12-4100-a7b0-99373a6902d3&KRTB&23019-uid:66d960b7-8f12-4100-a7b0-99373a6902d3&KRTB&23114-uid:66d960b7-8f12-4100-a7b0-99373a6902d3; KRTBCOOKIE_391=22924-2858328732030527945&KRTB&23263-2858328732030527945; KRTBCOOKIE_377=6810-7a9e7267-0cb6-48b8-b6dc-0c1c83168882&KRTB&22918-7a9e7267-0cb6-48b8-b6dc-0c1c83168882&KRTB&23031-7a9e7267-0cb6-48b8-b6dc-0c1c83168882; KRTBCOOKIE_1101=23040-6969196255859505299; SPugT=1622642449
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-361730013521623057; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 14:00:50 GMT; path=/ PugT=1622642450; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 14:00:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 14:00:50 GMT; path=/
x-lat
lhrpug004:0:850
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=361730013521623057
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 594F 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 02 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1445
x-powered-by
ASP.NET
date
Wed, 02 Jun 2021 14:00:50 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 551C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969196255859505299
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969196255859505299
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969196255859505299
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=4EBAE9FD-586B-4A48-A330-6D6CE531AADE; chkChromeAb67Sec=1; DPSync3=1623801600%3A201_197_219%7C1622678400%3A174; SyncRTB3=1623801600%3A71_8_22_220_7_54_3_161_56_13_21%7C1623196800%3A223%7C1623456000%3A63%7C1623888000%3A35%7C1625184000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6969196255859505299; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 14:00:50 GMT; path=/ PugT=1622642450; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 02-Jul-2021 14:00:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 31-Aug-2021 14:00:50 GMT; path=/
x-lat
lhrpug014:0:953
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 02 Jun 2021 14:00:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6969196255859505299; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969196255859505299
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Trrp_VhrSkijMG1s5TGq3g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60813
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Thu, 03 Jun 2021 06:54:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=66d960b7-8f12-4100-a7b0-99373a6902d3
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=66d960b7-8f12-4100-a7b0-99373a6902d3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 11:50:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Jun 2021 14:02:58 GMT
Server
MT3 3736 915c305 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=66d960b7-8f12-4100-a7b0-99373a6902d3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 14:02:57 GMT
mw
mwzeom.zeotap.com/ Frame 6C99
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4EBAE9FD-586B-4A48-A330-6D6CE531AADE
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4c1dc40ef2dcfe40b8891255006257c4
  • https://spl.zeotap.com/?zdid=1332&zcluid=d63cdb1a15f877e0
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c337b70-a14a-4841-6143-d28542d56706&reqId=f6fb26eb-9b62-46b4-72c9-ce6cc05f8faf&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJ_I0vfZw-N_Cq1TUd-FW1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c337b70-a14a-4841-6143-d28542d56706&reqId=f6fb26eb-9b62-46b4-72c9-ce6...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJ_I0vfZw-N_Cq1TUd-FW1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c337b70-a14a-4841-6143-d28542d56706&reqId=f6fb26eb-9b62-46b4-72c9-ce6cc05f8faf&zcluid=d63cdb1a15f877e0&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
659135d51917c2d6-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a6e9ff92b0000c2d6b5885000000001

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJ_I0vfZw-N_Cq1TUd-FW1Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c337b70-a14a-4841-6143-d28542d56706&reqId=f6fb26eb-9b62-46b4-72c9-ce6cc05f8faf&zcluid=d63cdb1a15f877e0&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEVCQUU5RkQtNTg2Qi00QTQ4LUEzMzAtNkQ2Q0U1MzFBQURF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:355
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBbnMGhH5KYAl2zHiIVEkiQ&google_cver=1
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBbnMGhH5KYAl2zHiIVEkiQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:601
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBbnMGhH5KYAl2zHiIVEkiQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6C99 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Jun 2021 14:00:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2858328732030527945
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2858328732030527945
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:533
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2858328732030527945
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:66d960b7-8f12-4100-a7b0-99373a6902d3&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:66d960b7-8f12-4100-a7b0-99373a6902d3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Jun 2021 14:02:58 GMT
Server
MT3 3736 915c305 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:66d960b7-8f12-4100-a7b0-99373a6902d3&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Jun 2021 14:02:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7a9e7267-0cb6-48b8-b6dc-0c1c83168882
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7a9e7267-0cb6-48b8-b6dc-0c1c83168882
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:583
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7a9e7267-0cb6-48b8-b6dc-0c1c83168882
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3882945042946080641&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3882945042946080641&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:1292
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:50 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid
4395755d-9bb9-4f37-abad-66547f87e304
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3882945042946080641&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4EBAE9FD-586B-4A48-A330-6D6CE531AADE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6C99 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4EBAE9FD-586B-4A48-A330-6D6CE531AADE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4EBAE9FD-586B-4A48-A330-6D6CE531AADE&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tcBYg1E2uXr4hkX_FbIFfSh2DMjjYM-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tcBYg1E2uXr4hkX_FbIFfSh2DMjjYM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Jun 2021 14:00:50 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.tcBYg1E2uXr4hkX_FbIFfSh2DMjjYM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l9gm8pmOdfeM23LxmYlpoZDeffSM3CWgwt2C52m0
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l9gm8pmOdfeM23LxmYlpoZDeffSM3CWgwt2C52m0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:565
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l9gm8pmOdfeM23LxmYlpoZDeffSM3CWgwt2C52m0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=05d06418-f8c4-49e5-b0cf-5678c69e0dae&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68307235-481e-4433-8743-e91ae5157e77&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68307235-481e-4433-8743-e91ae5157e77&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:452
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=68307235-481e-4433-8743-e91ae5157e77&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLePEgABRY3qiQBg&gdpr=0&gdpr_consent=&_test=YLePEgABRY3qiQBg
1 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLePEgABRY3qiQBg&gdpr=0&gdpr_consent=&_test=YLePEgABRY3qiQBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:828
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622642451.512278,VS0,VE0
x-served-by
cache-hhn4029-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLePEgABRY3qiQBg&gdpr=0&gdpr_consent=&_test=YLePEgABRY3qiQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
a1.adform.net/serving/unload/ Frame 1852 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/unload/?version=15&unload=3459499700000477552@@43776674,2641621312494193775,100|1100|0|0|0|0|0|0|0||139|1|||||1|0|0|IygJ-BbeMnlcPlakbYq96fARmy1AeLOTKglIkROY2IKeEFh7OAEmv4m3nyX34Xgm0||1|11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
a1.adform.net/serving/unload/ Frame CBC7 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/unload/?version=15&unload=3728092294030680943@@43776674,8130143762041940301,42|1200|0|0|0|0|0|0|0||64|1|||||1|0|0|IygJ-BbeMnlcPlakbYq96cpykk-pxjgaf5nRcJVENaKuQhU872pbMYm3nyX34Xgm0||1|11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
rs
ad4m.at/ Frame 7CBC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b20b07f8c7138d5da2b6f3825a4758cb999046db756f8176667c27347f99a641

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0a6e9ff9d800002c19cfada000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1zkNnWFQxbHLWIEjoglJg0LcaEYoREy5DITX4j3Agm4zdEefjAbQcXwmPWQoK5ILhjoAdNuRWOz7vUPzYxySDvgWE37CuipaIHcphsI0pXH6baQWf5%2Bg%2FDbpqbXrVAns"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
659135d6283d2c19-FRA
rs
ad4m.at/ Frame C0E3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78085ce3f4223824a635f696a7cef7941e86de618e85d29ebbc060da83ff35f8

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0a6e9ff9f100002c19230ee000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qicLFmYN6JK9C9Ig%2B1klujNf1QiXisVRCDBTaJR8JbaqlM7ocuLXnOgqcoujCjv6VfIN07igdJH3B%2FOMQfZXlkuMwvqsUhHls9Prdb2fdTkeXvpBDI8%2BXfdck8EDPQMq"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
659135d648ac2c19-FRA
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-rvz5
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6e9ff9b400004e0e2b918000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DVRUB0e7Y5cKyYkhSdMV%2F4EvVIRoLsTqOA99zJXSJNeOXM3yuUN4UDZDxVXWJCSB8G6NilIDY7akRaxCkCF8Ev4fw7ChvcsqDHrR9x7VzPo3p7cgI9i2hwqFu1Zq4yIj"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
659135d5ef564e0e-FRA
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-rvz5
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6e9ff9b200004e0e6e86f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U85rm4fd7optHS1NXtsG9GAEjZrSoRGB71%2F38Q3ssPfc3s06VlKEGwHOcxpfmPxNucAHj8PsnZsQfsC2fKFrzQcFCFl4bDFw5CMdMybXZTkweJAb9SUKztpBRGAvUsU9"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
659135d5ef5a4e0e-FRA
rar
as.ad4m.at/ad/ Frame 1DCA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca113207a63fb10071cb53b8bec6b68fb94ae91928c336084d63049285dfbe9d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Jun 2021 14:00:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6e9ff9fd0000beabdc96a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
659135d668aebeab-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame F823 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7698d67b7452ae2e6fcde5278da3baad3dfca1c117942b4c110933170f880087
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Jun 2021 14:00:51 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a6e9ffa2f00004a8011075000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
659135d6aff14a80-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 1DCA 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
13382
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a6e9ffa2f00004a80c9ac1000000001
cf-ray
659135d6b8094a80-FRA
expires
Wed, 02 Jun 2021 15:00:51 GMT
0AE8D9213BC015B44E3B21A5BB1341B0863B5E508C1642279C53C6015E03A7F3C3E626685B8CD9EC185C4C5F0CA0F7840AC719C4531EA727398D2E88DA79FF0D
assets.ad4m.at/logo/ Frame 1DCA 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/0AE8D9213BC015B44E3B21A5BB1341B0863B5E508C1642279C53C6015E03A7F3C3E626685B8CD9EC185C4C5F0CA0F7840AC719C4531EA727398D2E88DA79FF0D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d557537cfe4da95ea3e1d88d0e618acd6b071206edd475a335cfecdbc01f1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Zq/5nA==, md5=iIXi46kQ9E6GEtZtWZdtPQ==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
581660
cf-polished
qual=85, origFmt=jpeg, origSize=11254
x-guploader-uploadid
ABg5-Uw6cSJzG-xtjji7m6emir2kbeUnUQT7uxTSW9IbHQz5UkotrSqmDeG3ER69CzECRXerBZqTW0CgRjEew9PaAPDrJqbNaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7300
cf-request-id
0a6e9ffa320000beabe91c3000000001
last-modified
Wed, 22 Jan 2020 13:14:31 GMT
server
cloudflare
etag
"8885e2e3a910f44e8612d66d59976d3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vzk5WVHJ30P3NgK8lZZJcg44eYfP%2FAHqJFHZHhxLvAQN3qkVS7caZeD3ZSNPb3kN5g6dp%2Fy8GipnjSWXecJypJXu5lIAtsM2Jr9HAgM1FXVxeAwcpOfvbCRKLKHfMN%2BStWqGK8miGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698871535883
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
11254
accept-ranges
bytes
cf-ray
659135d6b8e3beab-FRA
cf-bgj
imgq:85,h2pri
8764D20FF13330AF7D29196B97100A4A8A6322345BB32651224E51065B07C6E14D4B850C66991AAB90A305D15203F935AAF33984060773F373E160041A38F5E5
assets.ad4m.at/ Frame 1DCA 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/8764D20FF13330AF7D29196B97100A4A8A6322345BB32651224E51065B07C6E14D4B850C66991AAB90A305D15203F935AAF33984060773F373E160041A38F5E5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab1c897697af8eb8e8ba0d11d61f91251058d7e076c98aff8c389111a0119c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=aLPcIQ==, md5=03tcwYupOS/S0TxL0enqYg==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
813177
cf-polished
origSize=35948, status=webp_bigger
x-guploader-uploadid
ABg5-UxLlO_iFz2UZ2tyxCmTWc-4pNXb72fWTx_xjt2hV7mrgWM049SoNs9yaxgFrqNVaGGecuzD1sISbvzEYNrSyaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34518
cf-request-id
0a6e9ffa320000beabcd172000000001
last-modified
Mon, 06 Jan 2020 13:35:35 GMT
server
cloudflare
etag
"d37b5cc18ba9392fd2d13c4bd1e9ea62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9GNsVex8Xg5cAJCpoygpOzBzB8fajIm3ZpcT8Yzi6L5d06N41btAViayhRkyEP5w22Q9756B0vKutPFOUDbOPPc1hMR6s6LK2P9%2BlofYXj6C7%2FhtuIl6NBxJ6lUhDxolAhGmWEcrmA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1578317735989428
content-type
image/jpeg
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35948
accept-ranges
bytes
cf-ray
659135d6b8e1beab-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 1DCA 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2360001&v=15031&q=360235&r=412871&pv=1&pref3=oneid36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15oneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:51 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
765CADA28032EA300185C97FE43E7DC72FABDA47D1415AC466E300C06C7A0AB18AF86912131BEB110F741B9543117C3D21568E267A167ABCCBBBE58B13D7C018
assets.ad4m.at/logo/ Frame 1DCA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/765CADA28032EA300185C97FE43E7DC72FABDA47D1415AC466E300C06C7A0AB18AF86912131BEB110F741B9543117C3D21568E267A167ABCCBBBE58B13D7C018
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e85557b410b509feba9aa0c714e3ccc3b087d65dc74e441cb0c283c2fda93

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=z2KVpg==, md5=seTkOG1XdOiaf134HaymMQ==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1175595
cf-polished
origFmt=png, origSize=48285
x-guploader-uploadid
ABg5-UxgIni2DvSRphHPZ5ZBFt7vdN-b7upfXFVh4j5wFY3Dgu7t-bMImfp87fV5lH2H4OWaw5APVbAyjvE6XaZHbAvP62-TdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17352
cf-request-id
0a6e9ffa320000beabd69aa000000001
last-modified
Fri, 14 Feb 2020 10:25:09 GMT
server
cloudflare
etag
"b1e4e4386d5774e89a7f5df81daca631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eXlxuqgzrySJlbr%2BKYOs2jS%2B6OHoZKfuDVi7m4j7e9NdwSywLwMS3BKPF1U%2B4lfIf78fZJkbjX809X8AoM%2FGr%2FtcJ%2BwcWE%2FBSPq1hY%2FBiUFQvvSgkta94pHm1YfBzusS5Z26JiabIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1581675909379056
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
48285
accept-ranges
bytes
cf-ray
659135d6b8e5beab-FRA
cf-bgj
imgq:85,h2pri
7B025A97821820F8F2C917E7F60D72A90E74D178FE917AC1604E3FB771317B32A18A15961E76CD2A98B3C503D9425ADDAD3666286B0689E751C2DD365E85E5AA
assets.ad4m.at/ Frame 1DCA 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/7B025A97821820F8F2C917E7F60D72A90E74D178FE917AC1604E3FB771317B32A18A15961E76CD2A98B3C503D9425ADDAD3666286B0689E751C2DD365E85E5AA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d6d137db4228c3b093fe2a76f583d20ca044fbab08c01545c284d05220a4ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=m/eupA==, md5=wslnJrAljVSmIzm9gZf80w==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1697064
cf-polished
qual=85, origFmt=jpeg, origSize=74782
x-guploader-uploadid
ABg5-UziSO5Tat0UvvWlezzEDyP9szeXB9ywqzLQalr3xJx47cQGAc4-BeBXMtO9UcsBE3isp8uHSQjT5Czm-oEqGtU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
23354
cf-request-id
0a6e9ffa320000beabef34e000000001
last-modified
Fri, 14 Feb 2020 12:27:43 GMT
server
cloudflare
etag
"c2c96726b0258d54a62339bd8197fcd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iyV9nBsqRW9uP4ex78QdikjyF%2Fukct0iGBA07T8c%2B94645X20bPxfqx1fA1xwPwHCkIgmu8cpqUgcdGNvrA20sV7xc1NmigI9sclnhhyrNMz81HEJSbAcea7KkPm01B8pV%2F647qkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1581683263309725
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74782
accept-ranges
bytes
cf-ray
659135d6b8e6beab-FRA
cf-bgj
imgq:85,h2pri
/
www.gonser.ch/ Frame 1DCA
Redirect Chain
  • https://cct.connects.ch/tpv.php?t=117617V1843154155B&subid=oneidpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXBoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://cct.gonser.ch/tpv.php?t=117617V1843154155B&subid=oneidpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXBoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0&sdtr=1
  • https://cct.gonser.ch/images/spacer.gif
  • https://www.gonser.ch/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:51 GMT
x-content-type-options
nosniff
server
nginx
content-type
text/html; charset=UTF-8
location
https://www.gonser.ch/
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame 1DCA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=uBT5pw==, md5=m/nGsGI7MZjl8qFjDucXXA==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
991600
cf-polished
origFmt=png, origSize=14365
x-guploader-uploadid
ABg5-UyjM0JnkAyMx_uib7mZJ8Q1edUnVEM2PZkRO4EKpcNy1A3Agm03B0tkil4jn3eJe3vB-XBg9O98hVKFyRw3r9HABmT86Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10826
cf-request-id
0a6e9ffa330000beab028c0000000001
last-modified
Wed, 22 Jan 2020 13:11:42 GMT
server
cloudflare
etag
"9bf9c6b0623b3198e5f2a1630ee7175c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=484HNChxBx8P08Pk9AO9oSSSbWBFTZ1BsbAlDcusaNPITRPAX6ggC4bxOCj%2BX7MR7Go9rW0ELHtrW%2BKWXM5XumWgGevgcjY%2Fke1ntfLBtVmYWqiNcSg7EAWdxG3wXi1KJWbleyREFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698702621217
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
14365
accept-ranges
bytes
cf-ray
659135d6b8e7beab-FRA
cf-bgj
imgq:85,h2pri
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 1DCA 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=N32OnA==, md5=J6Z7SGxOZh06HAZkoms1TA==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1246694
cf-polished
origFmt=png, origSize=17719
x-guploader-uploadid
ABg5-Uwu1b4aAsagKzCpF4Lcsnz-T9DQPR4ZSHvRwkv0huGmLExKODWAWlSiljyZhK7pubJ5JuvA3BUKIHt_SZuHtP6iugkCtg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14118
cf-request-id
0a6e9ffa330000beabd2a53000000001
last-modified
Tue, 29 Oct 2019 13:02:31 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QFXqjDYvB3BDkm2dRzNqg90Je6Gib2cagio8V8Vk9Ih7WMpjoyZ7SOHuXNLgb%2FxXc8ijFIVP3Pu5yfdayL3lIHbmZcF9YUEa57riYHpOhnBjblTED2YcI9nu01VKP2GcT1i7SShkLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572354151547305
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17719
accept-ranges
bytes
cf-ray
659135d6b8e8beab-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.ch/ Frame 1DCA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkXoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
3 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C34832%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2Cpb6f1fDj54ar7rSkH4HmtztrWqsbtRTXB%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CJjkUzfm4D7SgEgaBH6H7tqCQXkcjtgTWD%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=160&d=600&e=&g=355984a617e72c9cfd201b724296d660%2F1763742368595037244&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCAkbcD4-3YND7DcHX3wP5yonACIrSycRf8tPJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMcBT9CWs3GAMIoK9GLBpfEeem_Li8jcWYKrZ-7edD1f8Rv4ecfRmuTdvIv9WRjs7KogsyNV-j5lNhYs0-9I7NUCBEi9ztMKUiZ7uVchcAA3ciOTDHZEaPyf97z1Su_YndjWBl54sPHhoRAoTen69TqcWY2zTJRv9rmF3H9wKn_95bcjyJp3y91RJC2Tu3XYTOY-GjcVtptmeSx-4V4II880baRbM4eAvAUda7YJ1y30wnjakyMdBBn_a8DOrehUZNkUY65vYkpHlcAEx_D565oB4AQDkAYBoAZNgAeBjvI3qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi00NzAzNzU0MTcxODE1NjY2gAoDmAsByAsBgAwBsBPby-sC2BMDiBQB2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRojDFig9TwzBL17vt7AUBspiRZIsERPNmsrICRFHcBg5wN0BzM3S7Y6QG-8sVMIp7OU8ZE5O5CuLgWfCk%2526sig%253DAOD64_22CqB2jC7y1hrzaXdxmAG7NjSMVw%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-CXjBUr68WuCSAoM9U6BkSHlWEKI3VwQBCc2SAaPPmA2AcLBVPyu6-d-98GcxPmkw0JSChnAYBF7WzityzDaz1aQziL0Ujm5Nm7kjMX9m5hQ1QuxKNWltwM-PqADQ-MMWUJxNkwqNax67vUEMGkRCjPxyjwIg%2526cry%253D1%2526dbm_d%253DAKAmf-Cth4r2p8-q1EIchYbYpLZydIs_22PEzpeBlRkKrHbEmq8MSlyrn9RPLVZ8uWUng0sFrSqplVFZAG0Avpu4fV2OGiC3adia86Yj3QCldn-jSuJnhYSD6TSb31bQFWgzys2vj_hwarG8X1E1gutdDsvCZfXaWLp-gatgAcgIdNEZLBZAv2WT9HQ-YYB2oO8vJHOHBv927nwx8tBoMSulVSoVMrKiAb228BwvXtLlfA3vRb6GKw2DYFBUmiSvnxXQ4SalX1WXQ5MfeuzXbn2dGDfJeseiTpTc8iNqqf5PYBUKwIJ6tQwkcgs4ccWtlEFcJUyU6WlXCGMC6r6GXWmJGAVqBsiHO8vXH5Gn_sjE3dA1RHnavBLy7sWwpIf1be8QQQRK2taBdHKptN_alOaAevTJH4MPrOUIcZAV2SRwGNa2eO6RPsdlbR4KbDoEUP0CpoIDB2JT%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:51 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=e132dbbb3a1ac319, intid;desc=9ec7ad57749117dc
cf-ray
659135d77b47074a-FRA
cf-request-id
0a6e9ffaac0000074aadac9000000001
expires
-1

Redirect headers

Date
Wed, 02 Jun 2021 14:00:51 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame C802 		0
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:51 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.46:80
AN-X-Request-Uuid
655bb868-5900-4a72-996a-bef2eff3d3bb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame F823 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
13382
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a6e9ffb5500004a80cd3ab000000001
cf-ray
659135d88dd84a80-FRA
expires
Wed, 02 Jun 2021 15:00:51 GMT
0AE8D9213BC015B44E3B21A5BB1341B0863B5E508C1642279C53C6015E03A7F3C3E626685B8CD9EC185C4C5F0CA0F7840AC719C4531EA727398D2E88DA79FF0D
assets.ad4m.at/logo/ Frame F823 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/0AE8D9213BC015B44E3B21A5BB1341B0863B5E508C1642279C53C6015E03A7F3C3E626685B8CD9EC185C4C5F0CA0F7840AC719C4531EA727398D2E88DA79FF0D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d557537cfe4da95ea3e1d88d0e618acd6b071206edd475a335cfecdbc01f1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Zq/5nA==, md5=iIXi46kQ9E6GEtZtWZdtPQ==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
581660
cf-polished
qual=85, origFmt=jpeg, origSize=11254
x-guploader-uploadid
ABg5-Uw6cSJzG-xtjji7m6emir2kbeUnUQT7uxTSW9IbHQz5UkotrSqmDeG3ER69CzECRXerBZqTW0CgRjEew9PaAPDrJqbNaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7300
cf-request-id
0a6e9ffb5500004a8097031000000001
last-modified
Wed, 22 Jan 2020 13:14:31 GMT
server
cloudflare
etag
"8885e2e3a910f44e8612d66d59976d3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zcJn5M4rutnOcVoaC7CfU2YgPCoaaRePqDekMVh%2FTztZ2sNMPAMRR8an2qiTfcwfMNb0y8j9EIhgU7tyM3E40PWJpsnVnd9fjY%2B7jeVh1k%2BbJ%2BozVI%2FRJJA5DDdSH7xBS9az%2FOuMjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698871535883
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
11254
accept-ranges
bytes
cf-ray
659135d88ddc4a80-FRA
cf-bgj
imgq:85,h2pri
8764D20FF13330AF7D29196B97100A4A8A6322345BB32651224E51065B07C6E14D4B850C66991AAB90A305D15203F935AAF33984060773F373E160041A38F5E5
assets.ad4m.at/ Frame F823 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/8764D20FF13330AF7D29196B97100A4A8A6322345BB32651224E51065B07C6E14D4B850C66991AAB90A305D15203F935AAF33984060773F373E160041A38F5E5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab1c897697af8eb8e8ba0d11d61f91251058d7e076c98aff8c389111a0119c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=aLPcIQ==, md5=03tcwYupOS/S0TxL0enqYg==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
813177
cf-polished
origSize=35948, status=webp_bigger
x-guploader-uploadid
ABg5-UxLlO_iFz2UZ2tyxCmTWc-4pNXb72fWTx_xjt2hV7mrgWM049SoNs9yaxgFrqNVaGGecuzD1sISbvzEYNrSyaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34518
cf-request-id
0a6e9ffb5700004a80c8a35000000001
last-modified
Mon, 06 Jan 2020 13:35:35 GMT
server
cloudflare
etag
"d37b5cc18ba9392fd2d13c4bd1e9ea62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=atvJW1xT1PXDeasz22HT%2FQklk%2B0Qxlvz0rYfHZf%2BW7eUgmBATozRjWb9BeDfoE8oN%2BPctTN9yORl0%2BVJ5BbUU%2Bx%2BgqpWeGbMxN8NSGy6NH8BjCkT%2BS7gU4xvxlHi9%2BGBKMX3ZpbC6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1578317735989428
content-type
image/jpeg
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35948
accept-ranges
bytes
cf-ray
659135d88de14a80-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame F823 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2360001&v=15031&q=360235&r=412871&pv=1&pref3=oneid36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15oneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Jun 2021 14:00:51 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
765CADA28032EA300185C97FE43E7DC72FABDA47D1415AC466E300C06C7A0AB18AF86912131BEB110F741B9543117C3D21568E267A167ABCCBBBE58B13D7C018
assets.ad4m.at/logo/ Frame F823 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/765CADA28032EA300185C97FE43E7DC72FABDA47D1415AC466E300C06C7A0AB18AF86912131BEB110F741B9543117C3D21568E267A167ABCCBBBE58B13D7C018
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e85557b410b509feba9aa0c714e3ccc3b087d65dc74e441cb0c283c2fda93

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=z2KVpg==, md5=seTkOG1XdOiaf134HaymMQ==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1175595
cf-polished
origFmt=png, origSize=48285
x-guploader-uploadid
ABg5-UxgIni2DvSRphHPZ5ZBFt7vdN-b7upfXFVh4j5wFY3Dgu7t-bMImfp87fV5lH2H4OWaw5APVbAyjvE6XaZHbAvP62-TdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17352
cf-request-id
0a6e9ffb5700004a80d7aa0000000001
last-modified
Fri, 14 Feb 2020 10:25:09 GMT
server
cloudflare
etag
"b1e4e4386d5774e89a7f5df81daca631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Oj9GMK%2BvZX%2BSiiUWcG1bwkOqeftRjqa5yLph7W8YM2BHiOMWRQyVScC7I5VnPC3ogVKSQNGEkDcYcBEBnLkc13PP67Vak0N9%2Fg%2FJgxTIcWEMZ3uKAfP%2F1QVQnmeiRP3MeXFQic%2Fjsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1581675909379056
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
48285
accept-ranges
bytes
cf-ray
659135d88de34a80-FRA
cf-bgj
imgq:85,h2pri
7B025A97821820F8F2C917E7F60D72A90E74D178FE917AC1604E3FB771317B32A18A15961E76CD2A98B3C503D9425ADDAD3666286B0689E751C2DD365E85E5AA
assets.ad4m.at/ Frame F823 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/7B025A97821820F8F2C917E7F60D72A90E74D178FE917AC1604E3FB771317B32A18A15961E76CD2A98B3C503D9425ADDAD3666286B0689E751C2DD365E85E5AA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d6d137db4228c3b093fe2a76f583d20ca044fbab08c01545c284d05220a4ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=m/eupA==, md5=wslnJrAljVSmIzm9gZf80w==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1697064
cf-polished
qual=85, origFmt=jpeg, origSize=74782
x-guploader-uploadid
ABg5-UziSO5Tat0UvvWlezzEDyP9szeXB9ywqzLQalr3xJx47cQGAc4-BeBXMtO9UcsBE3isp8uHSQjT5Czm-oEqGtU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
23354
cf-request-id
0a6e9ffb5900004a800c399000000001
last-modified
Fri, 14 Feb 2020 12:27:43 GMT
server
cloudflare
etag
"c2c96726b0258d54a62339bd8197fcd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SbFYcCK0BlS%2BmZaf1P%2Fa8oeam%2Ba2izRpgsNWBHGcXNlMd9GQN21%2FPIwmnWbv%2Fe5oR7hIXmdL5t2VPAbL%2BdpZ4224or5SHd6Spjq0eAQe5oTr89GE%2B6MUvgL3CjyF0QYnGPnfK32CAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1581683263309725
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74782
accept-ranges
bytes
cf-ray
659135d88de44a80-FRA
cf-bgj
imgq:85,h2pri
/
www.gonser.ch/ Frame F823
Redirect Chain
  • https://cct.connects.ch/tpv.php?t=117617V1843154155B&subid=oneid4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64oneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://cct.gonser.ch/tpv.php?t=117617V1843154155B&subid=oneid4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64oneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0&sdtr=1
  • https://cct.gonser.ch/images/spacer.gif
  • https://www.gonser.ch/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:51 GMT
x-content-type-options
nosniff
server
nginx
content-type
text/html; charset=UTF-8
location
https://www.gonser.ch/
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame F823 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=uBT5pw==, md5=m/nGsGI7MZjl8qFjDucXXA==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
991600
cf-polished
origFmt=png, origSize=14365
x-guploader-uploadid
ABg5-UyjM0JnkAyMx_uib7mZJ8Q1edUnVEM2PZkRO4EKpcNy1A3Agm03B0tkil4jn3eJe3vB-XBg9O98hVKFyRw3r9HABmT86Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10826
cf-request-id
0a6e9ffb5700004a8006a49000000001
last-modified
Wed, 22 Jan 2020 13:11:42 GMT
server
cloudflare
etag
"9bf9c6b0623b3198e5f2a1630ee7175c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oxA6W0R9qVOhPnp7c9Nu0AcbeDzTnf3I3SUpyGylHCuSgpAa%2BD0CxLl1bpMTBXR04Iz2FqbtC7DHDt8ZbF33PF6IlfBVceHIHUHruwy4lJ3SRh5EIRK1Nvb01nUuYMRAQbBDrPDzqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698702621217
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
14365
accept-ranges
bytes
cf-ray
659135d88de84a80-FRA
cf-bgj
imgq:85,h2pri
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame F823 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=N32OnA==, md5=J6Z7SGxOZh06HAZkoms1TA==
date
Wed, 02 Jun 2021 14:00:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1246694
cf-polished
origFmt=png, origSize=17719
x-guploader-uploadid
ABg5-Uwu1b4aAsagKzCpF4Lcsnz-T9DQPR4ZSHvRwkv0huGmLExKODWAWlSiljyZhK7pubJ5JuvA3BUKIHt_SZuHtP6iugkCtg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14118
cf-request-id
0a6e9ffb5900004a80c7844000000001
last-modified
Tue, 29 Oct 2019 13:02:31 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FSaw9rYtlHt3SHLTTBi2Ly6r%2Fq%2BygyJzwLTzyTTA%2FPeAzoBAPW5aEk5qOh5LzjK2njutL%2BwpyY3hbC%2F7sQR%2BOmWZgNBMh1ur4pdp%2Bb%2BgbBTAtM6WDhoW%2FFZZbE3qc72%2F1AYE1hXRBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572354151547305
content-type
image/webp
expires
Thu, 03 Jun 2021 14:00:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17719
accept-ranges
bytes
cf-ray
659135d88de94a80-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.ch/ Frame F823
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkXoneid__dc_reach_dbm07awin&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
3 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15728%2C19942%2C14222&b=36ptpfqdewuk1dT7HrHAtEt3R7UMtWT15%2C4M5hEf21zKC2mmHGH9HdtAtreVsdtpT64%2CxYJSQfEgVPHbzMTPHdHztQtWE2tjt6TkX&f=W35trfb7XQa24RHYH5HjtDCbjGf7tETde%2CrrAcQfmAw6SX99fAH7HjtJCrDJswt8TxY%2CYP3Crfz1M5f9d1CVH9HetgCe59CZt1Tpz&c=728&d=90&e=&g=d683df003b06d5525245ad0f75ab53e2%2F7733857011051571496&i=20166%2C27091%2C17712&j=16%2C34%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_dbm07awin&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZ-m5D4-3YM_7DcHX3wP5yonACIrSycRfwsrJmoEL8C4QASCXwNofYPWVzoHgBMgBCakCiZpwXY96tD6oAwGqBMYBT9C62JW5f2zVdJ_JR-1HsuT1tIN7S5t2y39iOAq8nM2h1T5a8Vxb3TKLQpN4rI_TPS89BWVOJTnct-MY2HC3GBf7emP65lZ7CNlRTDnQnFibn8xE0rljjUJxJNo3aBaTdLLN8SUXdAm_iBgPo1UpYhqwpGlbiNnuqrDZ3_ohAikExuvUSj6QPvHbO9Q33lV6vTVgxSn8Qur-KgwM0jwcRRCFjfjMx1pfUNenDAIJ5t9ppmE4s_jHT5fRPwbwWUpT0KzvvJjFwATH8PnrmgHgBAOQBgGgBk2AB4GO8jeoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTQ3MDM3NTQxNzE4MTU2NjaACgOYCwHICwGADAGwE9vL6wLYEwOIFAHYFAHQFQGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoYGfZRBjDrxzYju7Mb0fqe-OO-o0_5vfL-ZM4K3vTxyQDjCF5CT8amrCukq2iK3w_Y23PG6XYw45yaEI%2526sig%253DAOD64_3-XLcFDjLT1HyP-doEa1j2wtRjaA%2526client%253Dca-pub-1274416353693598%2526dbm_c%253DAKAmf-BLH_nKuiBe9whHMHQq8kt_7x1HqZTqasPZsvMxhdC4aFKchyJQ0jpA6xjTaqVy-jnxE_mMBnCG8Rdemro4QookQJmdatv8wyZiJ5DgE02COn2XOWtSOFvIlSngFGgz57OK5EBd2XaQ7W_FuWbltGQlyxK63w%2526cry%253D1%2526dbm_d%253DAKAmf-ClDIvSshFMCVUxMDLhyu0HWIiYJxhJdKC4nfinT7YpVBW-OjhNbu50BP9A2LAevtqdABByGa52epSWwE0PTpQIjFk0R9JI1S4XCy2jH9qcZRYzgXI06QWN3kI4B505ohEKgUj3t97vlbbXNGleDcBg5euqPfJDasgQhpufDmHDgTfmj5CssWg5CxuCXuQzsWawtrM787eVAmqe1OKWI2cFVDl0Bg5tWcKj0jv54hDdoPCgaKTos60Y9L3WwlwBHduoPyE-_1hnZCYbDg_ASN2yhCf6YSh_mNcwRc_TETpkBxV85YbBBIPoCJuh-tiE6HFBVI4xhI8EJUxq8zmwU0EAiCt4UnGwwOCys5lQHKisWYF6P6QoGccFlQxSS5Chc0My5Flw9hp9sFiiY-AjuLwcYSkqbJxZesvCRBSsV943zBiCPiJJ_bcsiKlkqDpxlIOi2b3h%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:00:51 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=aa915ea14771332f, intid;desc=ecaeff38e86ee0d7
cf-ray
659135d8cee0074a-FRA
cf-request-id
0a6e9ffb7b0000074a02864000000001
expires
-1

Redirect headers

Date
Wed, 02 Jun 2021 14:00:51 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
hmgoepprod%3Fset%3Dsource%5B%2Fc2%2F60%2Fc26060000f1fcbc9eaee68f67f757b8fc1caf102.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BDESCRIPTIVESTILLLIFE%5D%2Cres%5Bm%5D%2Chmver%5B2%5D%26call%3Durl...
hm.adform.net/ Frame D436 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.adform.net/hmgoepprod%3Fset%3Dsource%5B%2Fc2%2F60%2Fc26060000f1fcbc9eaee68f67f757b8fc1caf102.jpg%5D%2Corigin%5Bdam%5D%2Ccategory%5B%5D%2Ctype%5BDESCRIPTIVESTILLLIFE%5D%2Cres%5Bm%5D%2Chmver%5B2%5D%26call%3Durl%5Bfile%3A%2Fproduct%2Fmain%5D
Requested by
Host: 66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
URL: https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2dbb536abda63c41f8313e9abec43cc8ec1fab6eb5817b4c0b6a2f06a0781d69

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:00:51 GMT
Last-Modified
Thu, 20 May 2021 07:28:03 GMT
ETag
"1621495683"
X-HW
1622642449.dop241.fr8.t,1622642449.cds133.fr8.shn,1622642449.dop241.fr8.t,1622642451.cds129.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
60413
/
a1.adform.net/serving/unload/ Frame 1852 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/unload/?version=15&unload=3459499700000477552@@43776674,2641621312494193775,100|4299|0|0|0|0|0|0|0||543|1|||||1|0|0|IygJ-BbeMnlcPlakbYq96fARmy1AeLOTKglIkROY2IKeEFh7OAEmv4m3nyX34Xgm0||1|01|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
a1.adform.net/serving/unload/ Frame CBC7 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/unload/?version=15&unload=3728092294030680943@@43776674,8130143762041940301,42|4299|0|0|0|0|0|0|0||228|1|||||1|0|0|IygJ-BbeMnlcPlakbYq96cpykk-pxjgaf5nRcJVENaKuQhU872pbMYm3nyX34Xgm0||1|01|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
dc_oe=ChMIzfXVlY758AIVooaDBx3JbQU1EAAYACCq09w5QhMIkb-olY758AIVwet3Ch15ZQKI;met=1;&timestamp=1622642458858;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0995 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzfXVlY758AIVooaDBx3JbQU1EAAYACCq09w5QhMIkb-olY758AIVwet3Ch15ZQKI;met=1;&timestamp=1622642458858;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Jun 2021 14:00:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Modernizr function| yepnope string| GoogleAnalyticsObject function| ga string| yieldlove_site_id object| YLHH object| yieldlove_site_settings object| googletag object| yieldlove_cmd object| pbjsYLHH function| pbjsYLHHChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| adsbygoogle number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| as object| buttonAll object| closeButton object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| yieldlove_ab object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id function| google_sa_impl object| __google_ad_urls number| google_global_correlator boolean| _gfp_p_ object| google_image_requests object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
.engel-orakel.de/ Name: __gads
Value: ID=2fb4a7444a760dd3-228bda8cb6c80028:T=1622642447:RT=1622642447:S=ALNI_MZi2nVmV-83o8vYI5JhobzKFoFiJg
.engel-orakel.de/ Name: _gid
Value: GA1.2.412187602.1622642447
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.engel-orakel.de/ Name: _gat
Value: 1
.engel-orakel.de/ Name: _ga
Value: GA1.2.119150623.1622642447
engel-orakel.de/ Name: csrf_https-contao_csrf_token
Value: 6r-GugCgfnNsyByT-lLUq_fjU1-5Xnu61Bfq0vsxw5A
engel-orakel.de/ Name: PHPSESSID
Value: 4f8d4c1e61d07cd399eb0bfe59915575

1 Console Messages

Source Level URL
Text
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61227754/20200825234131412/elespacio_victorinox_midfunnel.js(Line 1)
Message:
-+-+-+ Banner Info: [object Object] +-+-+-

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66277dd23379535939c34512cecfb318.safeframe.googlesyndication.com
a1.adform.net
acdn.adnxs.com
ad4m.at
ad4mat.net
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.ch
adservice.google.com
adservice.google.de
adx.adform.net
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
c1.adform.net
cct.connects.ch
cct.gonser.ch
cdn-a.yieldlove.com
cm.g.doubleclick.net
csi.gstatic.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
engel-orakel.de
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
hm.adform.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
r.scoota.co
r2---sn-4g5ednsd.c.2mdn.net
r3---sn-4g5ednsd.c.2mdn.net
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
tpc.googlesyndication.com
tracking.yieldlove-ad-serving.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.conrad.ch
www.gonser.ch
www.google-analytics.com
www.google.ch
www.google.com
www.googletagservices.com
x.bidswitch.net
yieldlove-d.openx.net
104.111.239.217
142.250.185.130
142.250.185.162
142.250.185.98
142.250.186.34
151.101.114.49
159.253.128.183
178.250.2.151
18.193.98.4
18.194.175.178
185.29.135.233
185.33.220.145
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.81
185.86.138.32
2.18.232.130
2.18.233.180
2.18.234.21
205.185.216.10
213.155.156.182
2606:4700:10::6816:1857
2606:4700:20::681a:bd1
2606:4700:3032::6815:57ae
2606:4700::6812:d25f
2620:116:800d:21:f916:5049:f87f:108e
2a00:1158:1000:404::21c
2a00:1288:110:c305::8000
2a00:1450:4001:6e::7
2a00:1450:4001:6e::8
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400d:802::2001
2c0f:fb50:4002:806::2003
3.126.56.137
34.98.64.218
37.157.2.248
37.157.4.23
37.157.4.25
51.210.112.63
52.222.158.74
52.28.120.199
52.28.163.57
52.30.140.199
54.171.74.241
74.125.140.156
76.223.111.131
84.200.5.215
85.114.159.118
01e3b5e22cde0ddc2b04e618ad109ee24c5948565f839935d4a436b8d701611b
03f86b97e2893172cc8b683ea96e95e9b59bcf3b7ef5c154c7570742cbb3e9fb
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672
08b712c780805dc4af0617d7292fd11ffb3e3431172f109eed0007414ba695bf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d2455414a637829305349c54a1210a7c5dc1e47e9f75980e55335c6744ef6a4
0d6656b036c45de84efb1ede94ea26c62ba22f8cc788eefcafd1331f95997644
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f0183a84dde72164b45de0ca8d50e3f2a76245eb0a8d3e16e7d0930f72c9843
0f6b58c7303342fd24c95f35e8420c678a613036707908db3c223a9146c5d53d
10f925d5fdaef6d8572fba84344a1601fbaa2fa87132544132a140da79cd469a
12737d46868dfaf122a6501be374f5277680e76cc2ea2b06dd219cc24c3e7261
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ecd08cb26fb43773052706e7037c79ed54506d196c84549f0f5605980d99eb
14dc68a6a36ac58118d04a63826c9f9ef98c16aed08df65c749b47ff82217330
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a471691cdb08adf480c0c7e9bf51f14c70e82ad67d4a6c485dfbd41d87b2021
1ac342e215bb4fee5b8fd07b19c69fdea6065aa927d364178b368de3d11cfc33
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
210230075609b8e46d45a9ad7d9bebc16812102d08a123d29e54c4344c34548e
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
21562d94c464eca38dae2ec326d1df2d66d98daab0a93d2457f925abec6106de
24b0bcbe079b9bef5fb897cce6bd391e8dfbe59e4c56f1adc415b797c245ba2c
24e912049f9de52b5849b71de97b610c3e9af3e74a5c13c2f5d9fbadacb7d8cf
26a3d842e5828f779fbd19a127963d8a7936c3cd9c14147d0f52c9aa44e7a87e
273db84cdb98a17d2f73f3d664008e721d350acef40f3e68d944fc3f53832abb
2ab1c897697af8eb8e8ba0d11d61f91251058d7e076c98aff8c389111a0119c1
2acec31169d334f66d515ea09f41aa08e76a683f2e02d522a71646613c88768a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dbb536abda63c41f8313e9abec43cc8ec1fab6eb5817b4c0b6a2f06a0781d69
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0ca463db8ca74acdff8a9e9ee85f9edaf7517427a5bb1a706320a032984b60
2e74b92c19c3724ec401a51e109fade305ea8e6f556f9c9d9eee6ca7f83558c8
2e947aa82625d42bd337f9e5f491ca29f8091bdd95e4369306cc44caa19659d1
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
3626dfe8af785e89e204420120086c24ec6f8b72c320fb2500745b0f47893f95
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
37e9f465fbb939403dad32ae05f527bd6ce5503f3d7dc21f2915fda56d6b566d
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3c918fb1999168045d773b08c095087522484155d1b35cef0d1e574365d3c711
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42a1755320f92a30d62f5b5fdedca636faa827e8a13b951d69529040659c62f1
42ed3ed9916f4b611baac1d7407e0b01e009aaa0f92a208b5cc304b414dff2f0
4319777be101e52d0b11a5e31cbb19c8c4f8051dbefafbba6652dffc4c18be1a
44dce0f645d64eaa6d0f5aaf5b600594939d112429d6eef3a8c87e6ce4d7b163
45303fe5e631e65eb5972dd24d6cdcb289a39c1119ab1f06a791a8c62d6ce75f
45b536f026aaec6990ad1d29304453365e84392d520e2adc4d0473a2618b763d
4765118fee8e0a9cc9b83c9fd2204461b6d9068c431a21cc31d1490d189855ae
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a7a5612685a08000af2945cfe9dce505945ccea47c725e635b21578fc55aa3f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519e7eb4cb5c041d430896b12022586b5e6f113d91a459511e5fdd046d107c02
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
55487b181bed423c75d4190f83de033a68ea829b82020033b84e4b4d1acf2e04
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
579f22d28ea729f4e8815fcceaaa15c0720729a2de5ba75c1de24497034a2f6f
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
599edbddae84c456469a9b9ff96d2e698c698356cb4f6a0cd0c16c4593b9a5de
5bd8f11c9a23815f0d666b95b8abc0c5feb1c8544eb941327149c989e72464a4
5be663c509892a8a6f81ad6287672c71439a7dc17f5805d9a98fc45919b55a52
5d6b65c1d62446c56caeb2ca26462a9f336801b110749cd042e2cbb3f266c703
5f400b330b4f0c7b7228368489ab2d9938dc3552cd8a8cb7415b7ec58a49e922
5f6e1968a7c582ce78c3539a0ce67fec1fbbcd7c4004f5ee05d55e6e0df09eee
5fc4470b0913df7876ddfeda8ceb69dec8250a932a7ca2ad15b6b5b4b7933aa6
60bf49f1a8735373e7b36b7f35426b266d9679186723c16dbe0b29e8a3e931f7
61d1954b9aba0c9aedb8d1338804e817c7262cfc36da94161dab8e3ed7a3a43a
62d4ed118ddebffa743c39b91fe5b433dfafb18c665c5d52841259178661f3da
636bb05f340e39f12a72264e288dacad7f9ebfa7e1ac96a5b42eebf75a97079a
65c1928faa8d6d02957353b3d37ef93f1807b952d66f209b3ca5a7da823cd487
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68a6cdb614e361f4e0f07268bf7296f4836efeaf0affd39f4d465c7d19293515
6b7aa0a6ef34fd347846284d451a9db1efc8768d339f6e9c18d3d87c121bc568
6c5bba0f3722cc45092baac3921cfade13565f3cc004cf6c7c2ac28125d04cd9
6f4c82f94bcc247bd81040e46ce805d3bfad61f6b4cc513c2433825b9d95a13c
703693c78bd9d40767889804c252a583a336bbd5316b37ad491e2efb653a30f2
70e32cee23c7875d1e287ac8bee6af50cc542a125d293b469888d95c0e9aa8ff
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7698d67b7452ae2e6fcde5278da3baad3dfca1c117942b4c110933170f880087
78085ce3f4223824a635f696a7cef7941e86de618e85d29ebbc060da83ff35f8
7a155d0a3a573f708cbc42c43a378a77ce49cb3255040f8657bf2eca6ddf3e41
7aa8efa19fdaea0b2c0ae31080eb27faddfd1b68d673302eccac3dd921ced2fd
7af34b1d126d117c4c56d456b278da2aa98cd9eba22c7123f4f9cbaaf04be8f8
8283471b09655ce0aa6cd9766e1b23d5de1398c8869588ba7692fdc464a01d3a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8715d4e5497a875ae13c0de0df471d1aa31aff230eab88fdc00fe320ce2cc9ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8fb101fbfb40f627db5860971a51fd80a9384f0630af3db4eefd351ef04d2c35
91f15d3482b1fb7f5dbad9d244a46591a90baf83d946e2b7d6b606871f88cc0c
91f18fa78c5d9401e9d15f156ab164ea64c043c522ffd27eed303c9f5c53928a
95d557537cfe4da95ea3e1d88d0e618acd6b071206edd475a335cfecdbc01f1d
95d849dcdd929c57cfdd62f2c2bc3254b76c69cd65937babfddc8ad0809c3a59
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98eed1c77051dd9176d6079c51760483b3e45f31ab777c0d8912a3787aff2301
99bb22ac916a05dd9c7abff4bdccf9f8962b07d1f0aa74b139ed41ba4e14bba0
9d0194f9dbd62690e0ea618eee10ac2c66e4a4649bc3abde1bca8bfd4f8695e2
a0316b38a495bd2a966e40ac01799762bfd442201bc8e96bcf33ca075fa5eca3
a129254a4566619659c5ab635d4232f962f1712c6534146771e562635f4e6723
a34f5f9c88161f572fe8de5bb5a9f462c7683a5f9a3adeaa03c85dee8f6e22e0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8201aec2d9a0e97fbb2bf70209e9b88e4468f4353d9aa132d74801b7b391f63
ac814aa302070b27cf37e9cccef92656695bf8f221cc2c08a31e0d67739db56d
add9cb54a3d4d53f3549b6f5529b9fddb8f8d9fe0323a520576c2b9350937f74
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affcfe0b8ce82bf8388ccb9602a6f47027643a0a0f59b597cd9b76b6ddaa4194
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20b07f8c7138d5da2b6f3825a4758cb999046db756f8176667c27347f99a641
b253827fb4322a3e51281f57535cc86d30ec38f003be02b0f980b47923acaaa1
b259eaed7bbd20e6276267e341dfda4a067a5d964374a7c04b900299cea34ed2
b27ba46ad704cbf0c522e26ba619cee2dd1ab53a798b167419900bcd0968a8a4
b782edf575a692fd9d171bead2371d1189c21b34d1493614c8a8feac29c9a084
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
ba7311079d0ff80bc71cb046dfbde1d46d6efa4fc18a85abe345baaa3b68bec4
bded46cf7cb5ec9b3fffc77623e5226fc50daf544504dfb9b586871cf94c1342
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c426ca4dd96a20f732c5c803b9fe4a2bfcead93bc919943ca304bbb603ec703c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9d6d137db4228c3b093fe2a76f583d20ca044fbab08c01545c284d05220a4ca
ca113207a63fb10071cb53b8bec6b68fb94ae91928c336084d63049285dfbe9d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d18e85557b410b509feba9aa0c714e3ccc3b087d65dc74e441cb0c283c2fda93
d550da1de4a2ee8124c7b8f50f456f8f56291433150c6e8e3751147c90ea37b1
d626fb9452f42746173bd16800ead95a42ed47314068323019e4ea52c106cf7e
d6f63c530ef07928f2a44c22ba2a9b736702f4aac31baa2821a52682368476bb
de26a8d98ce15f722c5c558e0c613705ad5da7027322ab0d91ce991b7b0ef5a5
e005422c9186f0434fcbd103b83788b47011a7926a7857396a0431dab840b16f
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e624ecea3d3f80486e2d57e869b32f359911961e92ac8bec33ab95ac0dc7e330
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e8323947c3814299b6ffb638f9507e405681934f189496dd4926d2face15d766
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e89f16d707d2f878020cffafa929e3a94bc0a1fafacfc29ee994f18e59e208b2
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
eb4cb90025be42885e1e0c95da14d011e8965347e65e700caed7fd195eff9047
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f057e34464cc6a3ac53f29f643da76366c49aed31fdea85a8f8e66e9a07c7bf7
f1541a3aadaf6cbef7fd7c59aad279836fca47445ea4ad1f88f4535ded557a86
f1cd669bfc0d2fa7a95552bd266c204e8c686e237efcac8fc56ab0cf6f8cff1a
f3d60f540437cf3c93eb4b1aeb5644ff45be79d74cf873c0d774515aa042cd4c
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf
f9f96870cc543227a98081bdce7350bf5aa33dbfd9609b8c69472a092f063228
fb72b02eb35fb8bd913463acd11cad1e00fe85b69a343d374d38b25c45d68f46
fbd56ec8164b46ded97186620c921b7508cf097987a124b26a04c747f9c43950
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
fd5eda47e0f456e44c58fee0a61bd6d825143b60d8d4d68873eb6d46866ef05d