cliqueaqui.bio Open in urlscan Pro
2606:4700:20::681a:77c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cliqueaqui.bio/
Submission Tags: @phishunt_io
Submission: On August 24 via api (August 24th 2022, 9:58:44 pm UTC) from DE — Scanned from DE

Summary HTTP 149 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 27 domains to perform 149 HTTP transactions. The main IP is 2606:4700:20::681a:77c, located in United States and belongs to CLOUDFLARENET, US. The main domain is cliqueaqui.bio.
TLS certificate: Issued by E1 on July 10th 2022. Valid for: 3 months.

This is the only time cliqueaqui.bio was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:20:... 2606:4700:20::681a:77c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::6815:1dd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 12	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.19.54.25 52.19.54.25	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.201.66 18.195.201.66	16509 (AMAZON-02) (AMAZON-02)
2 2	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:8000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f18:1ac... 2600:1f18:1aca:4281:a87c:4247:778e:2c46	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
149	33

27 2606:4700:20::681a:77c (United States)

ASN13335 (CLOUDFLARENET, US)

cliqueaqui.bio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1dd6 (United States)

ASN13335 (CLOUDFLARENET, US)

clickbusters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.54.25 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.201.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.7.201.234 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:8000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4281:a87c:4247:778e:2c46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	370 KB
27	cliqueaqui.bio cliqueaqui.bio	9 MB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303 static.doubleclick.net — Cisco Umbrella Rank: 398	104 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	788 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	118 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 763 static.adsafeprotected.com — Cisco Umbrella Rank: 589 dt.adsafeprotected.com — Cisco Umbrella Rank: 526	94 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	5 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	32 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	16 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8811 www.google.de — Cisco Umbrella Rank: 6076	1 KB
3	clickbusters.net clickbusters.net	14 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3094	380 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	191 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 327	921 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 634	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1517	484 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1981	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1072	925 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	87 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130 partner.googleadservices.com — Cisco Umbrella Rank: 882	16 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 133	10 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 256	3 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 588	758 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
149	27

	Domain	Requested by
27	cliqueaqui.bio	cliqueaqui.bio
18	pagead2.googlesyndication.com	cliqueaqui.bio pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net cliqueaqui.bio
9	www.youtube.com	clickbusters.net www.youtube.com
9	s0.2mdn.net	cliqueaqui.bio s0.2mdn.net googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com cliqueaqui.bio www.youtube.com
5	www.gstatic.com	googleads.g.doubleclick.net www.youtube.com www.gstatic.com
4	jnn-pa.googleapis.com	www.youtube.com
4	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net www.youtube.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	clickbusters.net	cliqueaqui.bio clickbusters.net
3	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	cliqueaqui.bio www.googletagmanager.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	cliqueaqui.bio
2	fw.adsafeprotected.com	1 redirects cliqueaqui.bio
2	www.googletagservices.com	cliqueaqui.bio googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	www.google.de
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
149	39

This site contains links to these domains. Also see Links.

Domain
youtube.com
facebook.com
instagram.com
clickbusters.net

Subject Issuer	Validity	Valid
*.cliqueaqui.bio E1	`2022-07-10` - `2022-10-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-12` - `2023-05-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://cliqueaqui.bio/
Frame ID: D45D94B46FAE3151DF54857CDAA8CBCC
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 6AE46D3AFF90B68F5E3251A70266CA20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7827160948747811&output=html&adk=1812271804&adf=3025194257&lmt=1661378317&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcliqueaqui.bio%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661378317518&bpp=6&bdt=799&idt=278&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=350785410866&frm=20&pv=2&ga_vid=141008439.1661378317&ga_sid=1661378318&ga_hid=1224830487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760912%2C44770150%2C44770766%2C21066430%2C31060049&oid=2&pvsid=3184715318203240&tmod=942653706&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=329
Frame ID: E916BAA27BA68BC8E58F5A254259C6CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6171DE3E10FBEAE5C8C73B4DEF0C548
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F107189F4590C93A79359322918A740B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9A4B5D64C6E30249FC1074CCC46C0DF1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5CB78DAD8E38AB97F8AE413DFF7AEF0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNX_JdjVfHi5ufXxpebzH7lwyQFRoZJL4s_jB3Vpzw5DFnbgsMNLQEzbWkHDOWuwXeQj6hikgMMqc7dpPZ6fOPsqrJ36QlSAJqLtv1hDWZSMvVQQZ-7zxut82cqfdVbkJuWWv0paM0oS6VQs9rIeqCCr9iz3EFuc5Jr9JJMnpi9HF9yl0_c
Frame ID: 54B46D5B08E7421CAF74F4B84F6DD232
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5PxNalkEVbW7s_-jdpB9A_wkzRPJuoUKGVQoBPnbMcxgJCO1xIgEMtcsiKRdvwVTnClFuGgceEbGsccOrWbc-S0sOkHT7B04WVC1RU0h0Z9LwoL6szdT_KVYvQb3V6FDCIe2asdCZP8vVYHsXxtg-h5K1qw&dbm_d=AKAmf-A7vaUTp0n27ApryEd9Idg9CYziwftKoYwUN8xtPRJ7rup1WrdLlZ-0TkF9PjBqVvzmMlgeUPz_vNM75dsWjfDTiFN1O25sf6ZxiKH5Kp7SuOOPMLSp4oHLpdtorO_4Et74LEX0CFF5b2zqqWpKIbc-GIAWKv9onb2EG8O6o-D78HY20NBHIGiE-L6fuD0I_KHgNSm7WCh0_ViT6SBDLivVcb39vNspSiDTTXPP-plGXqxeAIfz6j3TEBphijWNcgC2qYhX5VNxjN6TxYdz-fvBJCUWf8WLNyrmsO-31p8V2q77YOQZtDVTvp918DTsIbFpav_BpDFrLNKDaMpoNrzynQ22WuHMA1_fQk-nelJl6ri0TMj9LCwKErYr0pc9wlla4wCrSbLgHjs0YIhNVm1A7ECpwJJtEcOI8HEH5tfNlBxDk2EXPk9IsZo1Xs_YQ7Ng1Al69Au8RP2Z8vzqLga8MWDq0sJjUm5DKGaspHkV2btZXB4wSNiJequwfKMQLMA8bIseJ0BmByuS_dyoBbGbDtQis0UmKO2PHuamh0tcNU52WiyEe5rLCiJWBXVovRcyRn6nYVo7TU5jTE0tIP-TpN5ClC-2pZRuTvrSB507PyzXzq4n-L2cqBVKCAVWq3_wqsPNPaRv_ET-ObBXer4FG7xYD5__jIzBwpd5pgc3dEgVdEiPS7ZjnjfbJ3XlZbcg8fGvADH3H7dQENnWS5j8Sat6UqLnVZxsVJJyVnoW-YMe4To8Wfob3kGBgHgK2UsLdjGWflv2BCck3mGKR1yMykSfNIafqZBTvH3zfvfO5VcMmgaCwWuAPscz5bJTrKfKO-3Fh-8TigoqhdeZQ83suoFvq7RmrhFrjMgnLi9fS4fIJHvSXNM4NEQ-rqOsz_C1S4HlW5MeTOyyZDPbAw8yScwjVsEYGp-gCS_JBc9jM05Cy2NA3MFyfbELJE9oACVccWY2BGWydW9VuLO7yPnmjgVbn6WVhRWNCy74wFc7PyMaE1rhUJ1vmtnx0r90h_NPyz73nB3jdui0Lzg-kzavnUdgJKlFp_PYcK6YauOI5pA2LWIRkWx8-jY3XP_gZHIaEOdeJHl5jCbmGvP_rne3R8WKua0r07Ur7FTrlIS6O-tdKfUjiELuCqEXYSu7xo-CiDeRlmF_uR1ppCvyD3SlijlYSs56RDvxvAhYTGeFxlmDk4O6dhvKQo3WuJKT0pbcB3Cm7H-yfedfkCYq7uOqsgANefvQ9VoIIlApHQw4Cw6xYceZCnRQBH94_PwkFgCLlVZS9hp8wzls9i8a7m1q0Up-TpIqeDuvKxDfKH3dZkc7lzaRhKJ2-YFQIScwlDmTOpbpTtyTkP0HYn9bHQqHRYbWTCn-XFVX6McD27OY_f5V2wnXYtHPxaUWhgoD6LcVLMtx2itrklgkiBMCvqSLA5bvXypJywVGudc1BLSF3ucaFWZ0cbDdLB9CHfH5UA61CYJZgBeQT2tMhOmVlZZCuvBX_BQIfAN-4muzIU2GPEIyNZShqH7XD9jqdlG3n-zWZlv-DhsPEnQbiCLf9by6lDEw9Slp3YuezITRCc7WCcuXGNwrtowdJPvY_fbYU0TDxm1Qdymzw7EjhtFAOPh7cP73eOKJXp9lMHEUt3WZs2H9e_XtBOAyR56QdR9wMHlODTm9lU25wkUudg9RxFTm9cPYXSG6Woq4JoFuzbLPFF8BFvqB4DlfdB6mACC5UmIuWZHOGAbGnmpQ5bexACOVeJL48reWcE54u9H-eg99BndjMvLlXo8HMYB-5MNFcQAnmIPftPNXzOkoW7KAnEWxMBwcvlOhblxiCZ_U0BJaZ9KVOC_jvl7MZ3EL1pT_6zWEouOBbzpAtBo_a2NOPKA6vd9NypI5wxiKfUYfq_2QE04hRm0SdPRL3seNozXjRAeXGSvC27r6GPiEDHN-aN1VA3i5mgLYU1TRNrZuyzU8a9-uPtIqo6hhB1_2cmB7LH-0e3QMvLLnvTNSrW4G-Xhd2UbrnElzft4hdnvV39TP_5gRgUcn6CsB8tPfHX1jmRtpnUf_zQnOApR8wvf2DbOevAdhs67f2YfVf6u5hjs4qttY8AMPohl1FGB7n_bTlJLk4nn-aTM4T-nN3vQTpShu0n-2sbqs0blkjyb2tnK33I7dfSpDG0OU5PhwAgtLm8r55O77vrDH11UHf_vLjz4RVNI_3l6674KZp3q__yXcqXTLh_Er1BbBS0v6uTFIyYxcDitjrCVf7IJKF_EUq0VKeXstHgs9uDnyXrihLc_OW82DGUkcws2Zhzw6schHi2KUY9svk5L5xwsoEJokVQ4T-J-pbzi9rihAJPoP8G1y8G0cBCZqNyaZrSTR8tDvStzIC9e4ju7QehIfUAMj8I3XitdiAeEghOp0VLF60PpkORx7bMaejh4huBCNKxcds57E_YmPAD41N4qJTt9yjWRiamXaLEVO627uxZEbLXR4ZiQgIJd8p6RAD2-_QgrObj4w2vsf7deipY3E6iuMIk54e66j9YdZTm4tfFSSy5YPKvKszxWd6u7YNtX8qx9-gxfirsX6fAByIuNfnkVEGf7JOSHox9Gw4TRof8j-YnefreBwJxEtQ4FkK-s5F9LaK6XwVkfWEaBG4VQFhNhUW_w3Lf3vFlHYNojsd7f-m2_FX2q5ksEcKcyttva1uoHPEdPqlvScKMqatQxB-kW_-MALX58Uqne5G1xbp1vAvjQBZIRRp8BGLQE3jXoB31jNA0VLMv0_aql6kVfCedt0KT3EHB63ZWl8pG-91fxpJ0d5KQktTm9Ch-BqVuvDGqSxQb63BWWrDca3oDuucfBkzuV_R0t-ceebc9x0MjzIkRrSGT558lJbKkm0wyyTIa-CrgVK-A-9BS9kNE1yiVRMIX2fvCyqO2BupiZkFmPftK6G5qUTBTI6PcYnQDQhLHotrVGc1nrdhcTTtoj_DvMpAtUOYAB27hx5YqzkS9A5eDXYvnSHuRCDj0QNBLfz1dIvG9pDrfEFu_y0Vt8bQNONGreTUTQTJDigYotqtGHhHrnzZKbEWKMDwedT1QTEE90MdV2eXBAR6XlLRzuqh531ywE9n20I6HyPf3Tn7IwzGzjHSG87tHroy0r09P7siF7r6UsD3vgypZljxm5lk85a-tGYi4IzDbnfYXUyGM95oq_MucDcAxigEmbRIRSejfXzUJvRCSJB&cid=CAASEuRoUupoPay68cqRDTbaHLTXJw&rfl=2%2Chttps%253A%252F%252Fcliqueaqui.bio%252F%240
Frame ID: 8436C72134F68B11AC58E6A6CC5B63C6
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7A44FAF68A0552795680FBDD84977886
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 052EEF17DB5CE6A5E932942B863661DE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 640A67E74D86926653D06C04643B34A5
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
Frame ID: 403B159808EE9F542A1837CB7AAC381B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1EEA39141D72FF0B67EB817B5C9B7BEE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 0570DD7779442A3C6FDAC5F161F15B3A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: C7191E2186FFB5222FE5C87A7CBC0595
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ds2elrrTizg
Frame ID: 75D32474561C6DE0D9F1C89FEA852C90
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O melhor link para sua biografia do Instagram - Clique Aqui

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

92 %
HTTPS

63 %
IPv6

27
Domains

39
Subdomains

33
IPs

6
Countries

11245 kB
Transfer

16473 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/channel/UCrXQ-lED3tSYeG777ZPEXeg

Search URL Search Domain Scan URL

URL: https://facebook.com/cliqueaqui.bio

Search URL Search Domain Scan URL

URL: https://instagram.com/cliqueiaqui.bio

Search URL Search Domain Scan URL

URL: https://clickbusters.net/
Title: Distribuído por ClickBusters

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1

Request Chain 69

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwafEUq3vSeozBvOGYNVywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH8O9hAXm11ZXez7dWjgczk&google_cver=1

Request Chain 71

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0ODcyMzE2NzAwNDE5ODgwMg%3D%3D

Request Chain 94

https://d.agkn.com/pixel/2175/?google_gid=CAESEGHPxOXVVexFaGWF-19HSN4&google_cver=1&google_push=AehlK4BNsplDVNAuP3-TOlxy92BDJJHKHTJsAKMeH3-dYEgYXUTD1lCEHL3MbYLo_jPqZOB5Bq-9VpTyxj3dri_Moec5nXqCg_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BNsplDVNAuP3-TOlxy92BDJJHKHTJsAKMeH3-dYEgYXUTD1lCEHL3MbYLo_jPqZOB5Bq-9VpTyxj3dri_Moec5nXqCg_g&google_hm=Q0FFU0VHSFB4T1hWVmV4RmFHV0YtMTlIU040

Request Chain 95

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4D18YB72RJrOdRlL54hONeHR5CtHeBzRbCnREZ0WlMR90SBolwlTf3gR7JWQerhwwdk06AncApcAG02uJA1uf0H1vb22n4&google_gid=CAESEO2Aw0JMhKybRufNgu8AlpQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4D18YB72RJrOdRlL54hONeHR5CtHeBzRbCnREZ0WlMR90SBolwlTf3gR7JWQerhwwdk06AncApcAG02uJA1uf0H1vb22n4&google_gid=CAESEO2Aw0JMhKybRufNgu8AlpQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjQyMTU4NDIwMDAxNzg2NjUzMjIyOQ%3D%3D&google_push=AehlK4D18YB72RJrOdRlL54hONeHR5CtHeBzRbCnREZ0WlMR90SBolwlTf3gR7JWQerhwwdk06AncApcAG02uJA1uf0H1vb22n4

Request Chain 98

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP18IgW0O4oZ6mL_94TiNdY&google_cver=1&google_push=AehlK4BXO4d9QPrY7wDjbfnw8eToPaPaIA-ddkDqylsxeHFEePOZjtnazViDhAqPvzL7hTrX3-VV3rZaBRQ6359gM3ge7RFMt98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMVktN0NISQ==&google_push=AehlK4BXO4d9QPrY7wDjbfnw8eToPaPaIA-ddkDqylsxeHFEePOZjtnazViDhAqPvzL7hTrX3-VV3rZaBRQ6359gM3ge7RFMt98

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_cver=1&google_push=AehlK4AC0AiNKOl3VIBW_2hfYluSm0tqyYQ_wGfp1P9aV2XjA0fQo9dNBwdzGiY1SVW3v6GBTxAlTmYkQE9hpmdseBirOwyADSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4AC0AiNKOl3VIBW_2hfYluSm0tqyYQ_wGfp1P9aV2XjA0fQo9dNBwdzGiY1SVW3v6GBTxAlTmYkQE9hpmdseBirOwyADSg

Request Chain 105

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP18IgW0O4oZ6mL_94TiNdY&google_cver=1&google_push=AehlK4CzPMYpp4Np6f-y8-RZPJ9DujbHyKMMXScP7BBYCWitsNxEdPiO9DgRHyKv0-Plc-5hmPstKsES1oyJfCnJnuwrN-EeVjHM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMUotNFhWSQ==&google_push=AehlK4CzPMYpp4Np6f-y8-RZPJ9DujbHyKMMXScP7BBYCWitsNxEdPiO9DgRHyKv0-Plc-5hmPstKsES1oyJfCnJnuwrN-EeVjHM

Request Chain 106

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_cver=1&google_push=AehlK4D4bm3yvYUM3d0911ZnZnbq_aMmVtZY6pFHeoQQMrn_gP9n-WZuONPTj2OaisLLaCYTnd8HYuNV49TLXRQBxWiwysqO0gBS HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4D4bm3yvYUM3d0911ZnZnbq_aMmVtZY6pFHeoQQMrn_gP9n-WZuONPTj2OaisLLaCYTnd8HYuNV49TLXRQBxWiwysqO0gBS

Request Chain 110

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_EZ8GY-PMLbfZ7_UPy-SXgAc&cbFunctionName=goog_wrapCb_EZ8GY-PMLbfZ7_UPy-SXgAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcliqueaqui.bio&adsafe_type=g&adsafe_url=https%3A%2F%2Fcliqueaqui.bio%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220822%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220822%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7827160948747811%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26xpc%3Dsiz3wUV3xH%26p%3Dhttps%253A%2F%2Fcliqueaqui.bio&adsafe_type=b&adsafe_jsinfo=,id:bedceda3-2671-2b9a-d8fc-ea93d02161b6,c:mfrunn,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7957db8f47-8d7kr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tft4798+11%7C12%7C13%7C1411%7C1412%7C151*.987057-61527017%7C1511%7C1512%7C1513%7C1514,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:24,oid:eab3597a-23f7-11ed-8d7a-7ac1cf0e7f11,v:19.8.344,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

149 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cliqueaqui.bio/ 50 KB
9 KB 534ms
422ms Document
text/html 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a86e94eaa88ad4d08fd51eb63469b0849c3010872d3f3f3971fe51f1c98c01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73ff59c08f2be907-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 21:58:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHZDBKLBMV545DhJ9ckvkio%2FtXNlO8uKoPFn89W%2BnfyCVLcJra5BPMYFH4NP0jCbbMN%2BJ1BOpeyZ90I%2FWehcQXVMPiryiHP6HhF8ZscHr%2F5vFXhnxQ2bggG82QUvCo81YwULjHQZCyCmqFWj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 81UlmTS2R1X4efI1B_apUnbDOgE.js Show response
cliqueaqui.bio/cdn-cgi/apps/head/ 5 KB
2 KB 45ms
42ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/cdn-cgi/apps/head/81UlmTS2R1X4efI1B_apUnbDOgE.js
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 617cb99427fd3713919948888a3aa5ccc90b46f70aa87b090cf9e06f574256b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EYA33A21E3ZJ7Q67
x-amz-id-2: IkIimT2Ibu/eYKZlKMXchHsUNj2cLEIolbbFtD00lU0R/ufMVqdUeLPTZFYGQBDHh6ggXk6g0i4=
last-modified: Fri, 15 Jul 2022 15:51:26 GMT
server: cloudflare
etag: W/"7c7b8d9f692bb06d7a2bd38186ba9701"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NHx8gmxGG847fkjpRGCNGLOs3R96PivL7Uu84kHLwyVYxyWnLOVyNyysfsL1V%2FJXoeOxRKjMpDbq9%2FYy2sx5rwWz6JKTbE6zh9I9CHSGnS9Sv0F4TLtNX5Sz2lTs8bImMERG5pCdZNEaZja"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: pH8iLFpERicQmBzg5YfSCipxJQBTElf4
cf-ray: 73ff59c3495ce907-MXP

GET
H2 200 bootstrap.min.css
cliqueaqui.bio/themes/altum/assets/css/ 215 KB
32 KB 485ms
483ms Stylesheet
text/css 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/css/bootstrap.min.css?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75fc6b0e19ce6804a2a506bce19ed61f3c08f08c5f98beb16d6dd7277edc1b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 18:11:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6n5mCs1iQKIGz0mGr8CvdL7HJIGgDro%2FA5cGRfWYF6O%2F5RFeqBA0ooQRJliWUhDLJ6ajkoQK0TnjoDD1COGmlRQjv4lWaqcqC9cDchUx1Z1ChCLzUjUfdPds4EjXjv6zTUVgt1rB2SRSLq%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c3495ee907-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Sep 2022 21:58:40 GMT

GET
H2 200 custom.css
cliqueaqui.bio/themes/altum/assets/css/ 15 KB
4 KB 147ms
146ms Stylesheet
text/css 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/css/custom.css?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4f8aa46535f75ec5cf282f7b8fc4acbc329d5892766f2adef2f6f5209086b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 18:11:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUY6grDMPoF%2FBfPrmm%2BmK5BR6iqWoCfadsz8dgmbQxyZnd9T7ik9vzgVnlPkPO%2BLjMcDiqSfj%2BvxQyD9pnzThvIjN6GiaYXSiNmsnNllYA4ybUdrr3ZCZo6uNN%2FCuP7qNMTpfisSdUmyhvld"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c3495fe907-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Sep 2022 21:58:39 GMT

GET
H3 200 773e77bd20add123ab9cb9c8808df765.png
cliqueaqui.bio/uploads/main/ 4 KB
4 KB 61ms
59ms Image
image/webp 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/uploads/main/773e77bd20add123ab9cb9c8808df765.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295c2a5486fa9dd0fd4e46cf40a18a8eb529d9244470713bca13dcedbf8850fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4752
cf-polished: origFmt=png, origSize=23646
content-disposition: inline; filename="773e77bd20add123ab9cb9c8808df765.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3662
last-modified: Thu, 02 Jun 2022 14:32:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTgbfejvXOkC9jE1qZuliZGRivdDPbmwdjfFgNsRKS0v0j9JouNRFjoCigs2wgt1ng0%2BD5J2NzakBet1uKaCAqPa3ni4jBZNRSXBrdWfZBcdy4FQDhehITcnUIYFW14mu4RDIs13whC%2FICAu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 24 Aug 2023 20:39:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73ff59c39bda839d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 produto-top.png
cliqueaqui.bio/themes/altum/assets/images/index/ 23 KB
24 KB 483ms
480ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/produto-top.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85841b3deb36a2ee107078d38d11b6efc001d365debdc74f84930c2d177d344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Aug 2022 17:35:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUyVNClwheW9t9BCxm0ATbxy4tg4vIeiF%2Fd4j5nbyN1McmbGMe4W0MqNV05bNSykwirI11YopPoHDqu48tiJwg%2B0nTlyTVVOEwuSLMvTGuFlKNbBUY7iPSRkp7XiQbQv54XXWF7oDXQkNrla"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c39bde839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23608
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 produto-campeao.png
cliqueaqui.bio/themes/altum/assets/images/index/ 9 KB
10 KB 350ms
348ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/produto-campeao.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c59afa9ccf24a2abd5332f020ce8fdff8dd5b786f8e43d8c2379ab6021446d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Aug 2022 17:32:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LjEK%2BUCO5TOliSyshAaMv0Vd6tbl5S02NPoyaG8sevTvr7IHqm8WEiA5nv4x1e%2F%2Fe4pOxv76bo0q4aVx1KBPnLDT%2BrMTPlO%2F5EUVJlB7RqIqq%2BHeIvVkfJPiPh1EP1flckTTatguuwsrA0g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c39be1839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9312
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 logo-whatsapp-index.png
cliqueaqui.bio/themes/altum/assets/images/index/ 20 KB
21 KB 461ms
459ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/logo-whatsapp-index.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8d67bb20613f61cb8b8bc7292b623222e90654558a5db29eb20f1bf89ba7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 15:08:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=po9s%2BcJfW8lzne2qI2k6RZ3TofyzZupc%2Bo1Dn6gbTplXl6wo07c0fmrRPEK1ebZQoAmzhnDgNPH1NjUuK2Dk2p9RsNr8Moz1i80UezBqx1US2WqZykoqUHToarvg3XH6yrAWsYeLM91dHC5W"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c39be4839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20853
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 logo-instagram-index.png
cliqueaqui.bio/themes/altum/assets/images/index/ 5 KB
6 KB 38ms
36ms Image
image/webp 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/logo-instagram-index.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df4111bcafd67e886e85105020bd1838bf4b21b81f8f629f0e3ab41fd0631a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20506
cf-polished: origFmt=png, origSize=22610
content-disposition: inline; filename="logo-instagram-index.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5432
last-modified: Tue, 23 Aug 2022 15:08:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7JPFcRoWX3UfP1XZ%2FcCFfQbndKcr3WtycAFZ2DdS65SaGyjY3hfj176xoeU5eJuj%2F6Xl%2FWCNabBp2SlQUA7%2BdXyeaFsi%2FoDCjzVMJBVCAfKGKsDY4mB29HIpqMRMZul0XYvDkhDcMXNH%2FI3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 24 Aug 2023 16:16:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73ff59c39be5839d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 logo-facebook-index.png
cliqueaqui.bio/themes/altum/assets/images/index/ 17 KB
17 KB 458ms
456ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/logo-facebook-index.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9193ef2241dcb9e4104e74ab1d822ad3e5628a17177060b6393235ecc1d32fab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 15:08:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjiBc0FrlqVzLGttc0UeWy8u%2Fwi9dISX85p83riZEcUDDfXVu0QEFdUfMLNVFkcxPBOw%2FM5fetibgsI91m4QaWp2BykGFjyH8XmPTzX12sHfUXdDl%2BRcmjyLeZphah9dofe9wVGQWMnD4fwz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c39be9839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17225
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 logo-tik-tok-index.png
cliqueaqui.bio/themes/altum/assets/images/index/ 6 KB
6 KB 63ms
61ms Image
image/webp 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/logo-tik-tok-index.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21a6c327e51dde18dcbe2aa5b9a208c425180a35dce1be933ff57858898b3cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20506
cf-polished: origFmt=png, origSize=23087
content-disposition: inline; filename="logo-tik-tok-index.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5672
last-modified: Tue, 23 Aug 2022 15:08:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgmR7i4pdKCmK9CrBzNTaxQYev1zQd3jUMxr1Rdj%2BPH7vxrInWqCM90LU4J0eK8igQW6xXM6C%2FfC1JH5vCHRWL7C4YX44D42K2c4I5a0CMeW6VRcLoX8EG5%2FJqbG45AanI6Be4x6Edt21Bhb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 24 Aug 2023 16:16:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73ff59c39beb839d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 logo-twitter-index.png
cliqueaqui.bio/themes/altum/assets/images/index/ 762 B
1 KB 63ms
62ms Image
image/webp 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/logo-twitter-index.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f19494379f77b90c8ebe163f1133355e43bd363d67212ea6a18a9d441d2fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20506
cf-polished: origFmt=png, origSize=17372
content-disposition: inline; filename="logo-twitter-index.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 762
last-modified: Tue, 23 Aug 2022 15:08:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kg2su1tsS5vIxn%2Bb6XvD3qe8LVuEHK1b3QoSPdCdiu1%2B8HrLU7GGAIMOa7N67HhXyQuHbjSHE9RpgbDggr9zqNXPYSXP1UtVsNNgrss1%2Fqy6Cmz3duSNaDTSiSgNBWUEdK1yMuHKqDKrfvh3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 24 Aug 2023 16:16:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73ff59c39bec839d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 email-decode.min.js Show response
cliqueaqui.bio/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cliqueaqui.bio/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Aug 2022 16:11:23 GMT
server: cloudflare
etag: W/"62ffb62b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqJ0BqroBcTbsAor79Da0qxU9O5SvkrcUlT6Bf05whUdntF3w%2FB9GyaT7mPcgg0jytYKSTgDP9E0yGhxYYi8cxm9sRDFd5X%2FL5E09%2BOIcFp4xd%2FGwS7ItaHKhXOKY5%2F614gRGsGayn0fNfn9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c39bcf839d-MXP
vary: Accept-Encoding
expires: Fri, 26 Aug 2022 21:58:39 GMT

GET
H3 200 cookieconsent.css
cliqueaqui.bio/themes/altum/assets/css/libraries/ 17 KB
5 KB 61ms
58ms Stylesheet
text/css 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/css/libraries/cookieconsent.css?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f5deeb70304ee2c72a71f4f164cb1f7f5be84b1e89e521f41d70e5d0c9dedb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89766
cf-polished: origSize=23506
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 18:13:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITLlwMyosedZRFBzUjXQ46so70PBqTSiVO%2BgFoH7OVv4GHl9L0em2UCrACxpdtn0%2BS5UVfNJaUHBzkqzm7k0UJ92nGfbiAek3t%2FoU71Bu6W6sDO24pXOVOHRuDFfns5iHSLAyg2ykYbFkQeS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73ff59c39bd8839d-MXP
expires: Thu, 22 Sep 2022 21:02:33 GMT

GET
H3 200 rocket-loader.min.js Show response
cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 33ms
31ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Aug 2022 16:11:23 GMT
server: cloudflare
etag: W/"62ffb62b-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9aU%2BazhrvP3UECyVnyK0gStIGkDirR84uaGnt1xDutJcgZojZNT9Ytohll5uGBrvCAAYDlDRxiYXa3HoG%2BgyaHzoK%2BeecZkiThXZMXoZ28AwwhDal6DrRZt4ldiQYl3QZxjDID4%2BGNNeGJP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c39bed839d-MXP
vary: Accept-Encoding
expires: Fri, 26 Aug 2022 21:58:39 GMT

GET
H3 200 TXeQzIlZ2-RMxveFmfgfoEOkoGA.js Show response
cliqueaqui.bio/cdn-cgi/apps/body/ 4 KB
2 KB 54ms
52ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/cdn-cgi/apps/body/TXeQzIlZ2-RMxveFmfgfoEOkoGA.js
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/apps/head/81UlmTS2R1X4efI1B_apUnbDOgE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592a703f1344de86897f1daa608067df3692637054b03297c0e5c3babec9b916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3475366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7WCW2RE7VNXBS76F
x-amz-id-2: FXND9n9XEs5ie36uE/dEVm3C2JKy16MJW1QCwDFf5jp495S07ilzg8p66nmO+blw7hRzEeFfgfs=
last-modified: Fri, 15 Jul 2022 15:51:25 GMT
server: cloudflare
etag: W/"354910c449dfd99ad45c76617242c7a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xElvk%2BBxEiK3KSyhcpUJiYyOH1HALo1nozWpa0sOCWxI4%2Fc99z0WhmW9A39ClF6V%2FM9By9SuMb1gAHCvIyUNRRTb9dgaVu%2BF1TYZrt1%2BoRX738w9Oeu3O4xQ3GTeAKpoK4%2FXzlNNZOozijGB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: XEd.xSZBlj24UBeCBISewt5eTb3IbKzf
cf-ray: 73ff59c39bef839d-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 73ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BLV447KTTY

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/apps/body/TXeQzIlZ2-RMxveFmfgfoEOkoGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb4b6a1474bea608b2d961085e2ce759b9f4611179d28d6c20ffd4b0e77e58b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72771
x-xss-protection: 0
expires: Wed, 24 Aug 2022 21:58:40 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 75ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BLV447KTTY&gtm=2oe8m0&_p=1224830487&cid=141008439.1661378317&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661378316&sct=1&seg=0&dl=https%3A%2F%2Fcliqueaqui.bio%2F&dt=O%20melhor%20link%20para%20sua%20biografia%20do%20Instagram%20-%20Clique%20Aqui&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLV447KTTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cliqueaqui.bio
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero.png
cliqueaqui.bio/themes/altum/assets/images/ 170 KB
170 KB 551ms
550ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/hero.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06cd7cc7021bf6dffba812bae048e99c3c2da3f45219ca5ae07b714129001c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 18:11:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOtqQNrnDuzVajBhhUCeeodsoW7X8vWJe6mgTDCRuTDxr24s9hTcaX6r1mMHuqOFg1xdz5nsg0NF2WwhaHslNhdFUXWtkEln3KINglfEuEyyXVAy2WJLVlqPoNZg4PckvztEUct5XqgWpaJS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c72a1d839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 173784
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 temas.gif
cliqueaqui.bio/themes/altum/assets/images/index/ 8 MB
8 MB 571ms
570ms Image
image/gif 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/temas.gif
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e8acd31da37ad322ae9539ca10f4682b18aa453f889229f90ec6626dbfa263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 14:33:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxM3m9EHD45oBnbknOVEAjr8yUfPKJIABY2ZaufdXwXPG3UjcUH12b1Lgr%2FvlDa1yq2oZZk7NRkoqhzBUF6M2GBtVpMMJWIR%2B3CKj5rdadrgF2QglxqqM65MSMADvBI5WLskSMC0zyS%2F1ewa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c72a21839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8653511
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 short-link.png
cliqueaqui.bio/themes/altum/assets/images/index/ 20 KB
21 KB 695ms
694ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/short-link.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5086584a19523daa99a88944c5bf8aeaa702c2869bd98319dc60187b3ac2235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 18:15:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FM3U1%2BWTmQaqjs%2B2RZwnL6%2BxrCoY1rS%2FdpG3LhAOztxKsGQxFF1l12DjUfsf4h8Ct%2F6Z5eMDzdFYG%2B1JimaFsUVgIbcC6lGJ0WKvwMh5OOTCSUla3QFm63kUlOeYCS4Pq%2Blssll4pg%2FE90A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c72a23839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20559
expires: Thu, 24 Aug 2023 21:58:41 GMT

GET
H3 200 qr-code.png
cliqueaqui.bio/themes/altum/assets/images/index/ 35 KB
35 KB 462ms
461ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/qr-code.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e7c43b6accb83ca7a569bc6d04d47e092cf9102425f805f1831b1b95623119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 18:15:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JtmXTh39i2mGSfBjYIFvQvO8XRStvlVx4Z2yYQbafJ%2FHb%2BkAvDHdH4FXlqd9A7Ikmt96wpw50XpCUFQIpG5Ap%2BZWUt8AiSO0njFqdhPtdBoZcqa6qY8WRfmnT3fO6hbnMdJ0fz%2BKPjtfBg8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c72a25839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35429
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 analytics.png
cliqueaqui.bio/themes/altum/assets/images/index/ 25 KB
26 KB 449ms
449ms Image
image/png 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cliqueaqui.bio/themes/altum/assets/images/index/analytics.png
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66709134b78be33fa53bd53207197318fc0e44c0c12781382032df31d2dd7d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Aug 2022 18:15:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjQ2IgmwENFBZBb8hPItrNy21GtY6Pjkkb01845rvE%2FGe363r5SXCmbbGe%2FTJ1COOTOn4QtbeWMa5XeMDQIdx17SazrRDuVkj2R%2BOOyOHJB0QlF48RPmra21siZ%2F2kWKPaGsyy9dmcVx81yh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73ff59c72a27839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25570
expires: Thu, 24 Aug 2023 21:58:40 GMT

GET
H3 200 cookieconsent.js Show response
cliqueaqui.bio/themes/altum/assets/js/libraries/ 19 KB
7 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/js/libraries/cookieconsent.js?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263aab4dfc3fb45c3b1b667ab35bdc102675d6a3e16a34eceddd4d3ae7c45e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87897
cf-polished: origSize=19501
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 18:15:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rY%2BLtjGJaRPwRFjEqH7EIOV%2B%2Fu8zvoO3OyzsPNgS0%2FWLTDOENCh7FZMZE1WuneQApfUuhbYMYgLmlw9bbrIAJwHc%2F0Vv2jlEL%2F%2FfXjGniEmm0bh58OERGnFyPOSH6bwkuOQ%2B58UsQ%2BH1Bcd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73ff59c75a79839d-MXP
expires: Thu, 22 Sep 2022 21:33:43 GMT

GET
H3 200 fontawesome-all.min.js Show response
cliqueaqui.bio/themes/altum/assets/js/libraries/ 1 MB
426 KB 65ms
63ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/js/libraries/fontawesome-all.min.js?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 18:15:18 GMT
server: cloudflare
age: 87897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzQXzLgJOxENtslfkoPHpcXmmEhppf%2BSd8xZzgRuazb0cBdYPnRS42ob6%2BeYsI0LAspXMsbxA7IZz20Is%2BQY%2F46IBfrHCmnqzqXWsStUgfqz596a7NRinfobBn8ZsoXTTV9rDAtYHj3dTimd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c75a7a839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 22 Sep 2022 21:33:43 GMT

GET
H3 200 custom.js Show response
cliqueaqui.bio/themes/altum/assets/js/ 23 KB
6 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/js/custom.js?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ec976cd756ca9d0a7cbe60a44397cf9190bbf6077190a4eb4a3446ee493f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87897
cf-polished: origSize=25529
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 18:11:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P2YVTw0lqza2R9hBqpI4VNwWVnw0%2Fj85yyiOnaLRPfwXFLxTvx3XHzESOPQsl1o5bdwO1Y3F8q%2BOwoTPADEwQmU3TE4t92REy60Ju%2BYg6nW1fBx90Hz7S0HC5qQ7%2FKVwiKmpCJe8%2BIvu1jk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73ff59c75a7b839d-MXP
expires: Thu, 22 Sep 2022 21:33:43 GMT

GET
H3 200 bootstrap.min.js Show response
cliqueaqui.bio/themes/altum/assets/js/libraries/ 62 KB
16 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/js/libraries/bootstrap.min.js?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef771d2e517167fe65b281ebbd263d11f079c3a07e91d022a7d1e79d558d7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 18:15:14 GMT
server: cloudflare
age: 87897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEmI8a%2B4u9e4F7ONh8gZhRwzkdJ1NGhxgoDtqeSZNv5pD0whdlCHtJHyNHsE%2B25HdARSKtjtentf5IbfmX75RX959%2Bab0EuLx6B1Y2LAJepo%2BVSR%2FwBl53cMpTkfyRfZMOGLhVxbzKXTp1x2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c75a7c839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 22 Sep 2022 21:33:43 GMT

GET
H3 200 popper.min.js Show response
cliqueaqui.bio/themes/altum/assets/js/libraries/ 19 KB
7 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/js/libraries/popper.min.js?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 18:15:23 GMT
server: cloudflare
age: 87897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PHEuTQ92Zp2tzxZIeduvQ8RCySsUW8Bc6zK6i6neBjZQ3t9urZazQe8YayNctMBnG1a8sFxQXXXB0cbZKyfVqpDJAMTo0TXFhdAtrip3e6c3SparcVVpLY%2B73uckZawKj2kmmJbjP%2FgXdDp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c75a7d839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 22 Sep 2022 21:33:43 GMT

GET
H3 200 jquery.min.js Show response
cliqueaqui.bio/themes/altum/assets/js/libraries/ 87 KB
32 KB 42ms
41ms Script
application/javascript 2606:4700:20::681a:77c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cliqueaqui.bio/themes/altum/assets/js/libraries/jquery.min.js?v=2410
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:77c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 18:15:20 GMT
server: cloudflare
age: 87897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNUk9hiGkPSbMsk1jmaIIzDA9vWZ0TSrSbHYj7%2B5BTvm7MHpoR2%2BdKF6blVMwmxouhqBKF5Od5kYI%2B43JwNIWtT8PRze%2FrD9cVduyVc9%2FI3WjrPVH6f5TqidUxgzEHTcNRo0joltUJU82Lv6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59c75a7f839d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 22 Sep 2022 21:33:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 90ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7827160948747811

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c0476a0963f48ab7d40ef00cff0d04dc6df88406e90a931ba4d5ba3fb9195ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Origin: https://cliqueaqui.bio
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57627
x-xss-protection: 0
server: cafe
etag: 2078089175481813543
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 21:58:40 GMT

GET
H2 200 rnsy4iuoz237edmikzhprm5j1xb46nxq Show response
clickbusters.net/pixel/ 33 KB
7 KB 1384ms
1291ms Script
application/javascript 2606:4700:3036::6815:1dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clickbusters.net/pixel/rnsy4iuoz237edmikzhprm5j1xb46nxq
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec9adaf790ff95c3650b8fd8c47e457612907894aa0013a03c4ec856e86211c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: cache
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Fib4%2FFihs0UIyQpgB%2Fm%2Bs9b7y4%2FwUIMkLCk9rhtWLftkMSvFGRZrgC%2FXSWG1UekYeumksOUsrUfEhExQZ%2B%2FId7bpjvFnExmMsTxVERPKISDIsFnKvfHefJR6x47KUzPVL8Pk6i8kvIEcDrU%2BK61"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0
cf-ray: 73ff59c7f9c6bab1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
48 KB 62ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8F742Z

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d540d540aad503ba5101f39badde928f448b46bec380d4cf9ae719628b339f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49057
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Aug 2022 21:58:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3W7P76B7HY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8F742Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f11ac0486150681517a0bda16d6fd683928abf4c558405eeca2d323bcb7ee9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73381
x-xss-protection: 0
expires: Wed, 24 Aug 2022 21:58:40 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 89ms
34ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8F742Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15682
x-xss-protection: 0
server: cafe
etag: 14097944420163075165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 21:58:40 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 341 KB
120 KB 80ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7827160948747811&plah=cliqueaqui.bio

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7827160948747811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56b7385d5d94a04b36543b68a5079a220ef00c0dd4f114b6390a9d9c9fa9eb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122736
x-xss-protection: 0
server: cafe
etag: 8634061882617057086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 21:58:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 6AE4 10 KB
5 KB 68ms
16ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7827160948747811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 07:10:44 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 07:10:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 56ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3W7P76B7HY&gtm=2oe8m0&_p=1224830487&cid=141008439.1661378317&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661378317&sct=1&seg=0&dl=https%3A%2F%2Fcliqueaqui.bio%2F&dt=O%20melhor%20link%20para%20sua%20biografia%20do%20Instagram%20-%20Clique%20Aqui&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3W7P76B7HY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cliqueaqui.bio
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 83ms
51ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7827160948747811
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cliqueaqui.bio/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973308689/ 2 KB
1 KB 61ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973308689/?random=1661378317753&cv=9&fst=1661378317753&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcliqueaqui.bio%2F&tiba=O%20melhor%20link%20para%20sua%20biografia%20do%20Instagram%20-%20Clique%20Aqui&auid=684518468.1661378317&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8225c63a27e7bb8459d4072a2f2f97bb03a0ed2edad34bbb9bbc4ed65006a449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
645 B 405ms
24ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cliqueaqui.bio&callback=_gfp_s_&client=ca-pub-7827160948747811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7827160948747811&plah=cliqueaqui.bio

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

c2700ba94d7de4fe015865897aa564f7d84c44a64919a486966c2295efd217b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 93ms
25ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cliqueaqui.bio

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
25ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cliqueaqui.bio

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E916 172 KB
51 KB 602ms
601ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7827160948747811&output=html&adk=1812271804&adf=3025194257&lmt=1661378317&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcliqueaqui.bio%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661378317518&bpp=6&bdt=799&idt=278&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=350785410866&frm=20&pv=2&ga_vid=141008439.1661378317&ga_sid=1661378318&ga_hid=1224830487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760912%2C44770150%2C44770766%2C21066430%2C31060049&oid=2&pvsid=3184715318203240&tmod=942653706&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=329

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af38c0bd61e5c52eec6d1cd41c6a02851179d2e340224225334940d2ee485d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 52077
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 21:58:41 GMT
expires: Wed, 24 Aug 2022 21:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 30ms
29ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eee2e67ec33cd1f8b2cad3a6e5802718ce289bfbd496ea34728024a829e4c0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11177
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10973308689/ 42 B
548 B 73ms
33ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10973308689/?random=1661378317753&cv=9&fst=1661374800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8m0&sendb=1&frm=0&url=https%3A%2F%2Fcliqueaqui.bio%2F&tiba=O%20melhor%20link%20para%20sua%20biografia%20do%20Instagram%20-%20Clique%20Aqui&async=1&fmt=3&is_vtc=1&random=2978727361&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10973308689/ 42 B
548 B 68ms
27ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10973308689/?random=1661378317753&cv=9&fst=1661374800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8m0&sendb=1&frm=0&url=https%3A%2F%2Fcliqueaqui.bio%2F&tiba=O%20melhor%20link%20para%20sua%20biografia%20do%20Instagram%20-%20Clique%20Aqui&async=1&fmt=3&is_vtc=1&random=2978727361&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 82ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D617 13 KB
5 KB 50ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 21:49:36 GMT
expires: Thu, 24 Aug 2023 21:49:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F107 783 B
533 B 97ms
63ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

645b54b527133d298ef127b4b3a29a42561b4166d1970cfbac3c45f3ab39dc78

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JkzkTwcZQQBTJM-swoymuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-JkzkTwcZQQBTJM-swoymuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 21:58:41 GMT
expires: Wed, 24 Aug 2022 21:58:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame D617 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 07:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 07:47:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F107 0
0 49ms
48ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=3184715318203240&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D617 0
10 B 16ms
16ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GTWtcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 150 KB
53 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56c6448c03e914d41abbdd7e515e74dd1da2beba37998d75b82af874882ffcbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54625
x-xss-protection: 0
server: cafe
etag: 8690048131520608851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-7827160948747811&eid=44759876%2C44759927%2C44759837%2C44760912%2C44770150%2C44770766%2C21066430%2C31060049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-7827160948747811&eid=44759876%2C44759927%2C44759837%2C44760912%2C44770150%2C44770766%2C21066430%2C31060049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cliqueaqui.bio

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
25ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cliqueaqui.bio

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame 9A4B 10 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 20:53:07 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 20:53:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame 5CB7 10 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 20:53:07 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 20:53:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 9A4B 4 KB
1 KB 69ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 20:12:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Aug 2022 21:58:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A4B 205 B
742 B 70ms
16ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:38:32 GMT
x-content-type-options: nosniff
age: 1209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 24 Aug 2023 21:38:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A4B 604 B
694 B 71ms
17ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:30:43 GMT
x-content-type-options: nosniff
age: 1678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 24 Aug 2023 21:30:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 9A4B 19 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:52:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 54B4 624 B
297 B 26ms
25ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNX_JdjVfHi5ufXxpebzH7lwyQFRoZJL4s_jB3Vpzw5DFnbgsMNLQEzbWkHDOWuwXeQj6hikgMMqc7dpPZ6fOPsqrJ36QlSAJqLtv1hDWZSMvVQQZ-7zxut82cqfdVbkJuWWv0paM0oS6VQs9rIeqCCr9iz3EFuc5Jr9JJMnpi9HF9yl0_c

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 21:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8436 92 KB
35 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5PxNalkEVbW7s_-jdpB9A_wkzRPJuoUKGVQoBPnbMcxgJCO1xIgEMtcsiKRdvwVTnClFuGgceEbGsccOrWbc-S0sOkHT7B04WVC1RU0h0Z9LwoL6szdT_KVYvQb3V6FDCIe2asdCZP8vVYHsXxtg-h5K1qw&dbm_d=AKAmf-A7vaUTp0n27ApryEd9Idg9CYziwftKoYwUN8xtPRJ7rup1WrdLlZ-0TkF9PjBqVvzmMlgeUPz_vNM75dsWjfDTiFN1O25sf6ZxiKH5Kp7SuOOPMLSp4oHLpdtorO_4Et74LEX0CFF5b2zqqWpKIbc-GIAWKv9onb2EG8O6o-D78HY20NBHIGiE-L6fuD0I_KHgNSm7WCh0_ViT6SBDLivVcb39vNspSiDTTXPP-plGXqxeAIfz6j3TEBphijWNcgC2qYhX5VNxjN6TxYdz-fvBJCUWf8WLNyrmsO-31p8V2q77YOQZtDVTvp918DTsIbFpav_BpDFrLNKDaMpoNrzynQ22WuHMA1_fQk-nelJl6ri0TMj9LCwKErYr0pc9wlla4wCrSbLgHjs0YIhNVm1A7ECpwJJtEcOI8HEH5tfNlBxDk2EXPk9IsZo1Xs_YQ7Ng1Al69Au8RP2Z8vzqLga8MWDq0sJjUm5DKGaspHkV2btZXB4wSNiJequwfKMQLMA8bIseJ0BmByuS_dyoBbGbDtQis0UmKO2PHuamh0tcNU52WiyEe5rLCiJWBXVovRcyRn6nYVo7TU5jTE0tIP-TpN5ClC-2pZRuTvrSB507PyzXzq4n-L2cqBVKCAVWq3_wqsPNPaRv_ET-ObBXer4FG7xYD5__jIzBwpd5pgc3dEgVdEiPS7ZjnjfbJ3XlZbcg8fGvADH3H7dQENnWS5j8Sat6UqLnVZxsVJJyVnoW-YMe4To8Wfob3kGBgHgK2UsLdjGWflv2BCck3mGKR1yMykSfNIafqZBTvH3zfvfO5VcMmgaCwWuAPscz5bJTrKfKO-3Fh-8TigoqhdeZQ83suoFvq7RmrhFrjMgnLi9fS4fIJHvSXNM4NEQ-rqOsz_C1S4HlW5MeTOyyZDPbAw8yScwjVsEYGp-gCS_JBc9jM05Cy2NA3MFyfbELJE9oACVccWY2BGWydW9VuLO7yPnmjgVbn6WVhRWNCy74wFc7PyMaE1rhUJ1vmtnx0r90h_NPyz73nB3jdui0Lzg-kzavnUdgJKlFp_PYcK6YauOI5pA2LWIRkWx8-jY3XP_gZHIaEOdeJHl5jCbmGvP_rne3R8WKua0r07Ur7FTrlIS6O-tdKfUjiELuCqEXYSu7xo-CiDeRlmF_uR1ppCvyD3SlijlYSs56RDvxvAhYTGeFxlmDk4O6dhvKQo3WuJKT0pbcB3Cm7H-yfedfkCYq7uOqsgANefvQ9VoIIlApHQw4Cw6xYceZCnRQBH94_PwkFgCLlVZS9hp8wzls9i8a7m1q0Up-TpIqeDuvKxDfKH3dZkc7lzaRhKJ2-YFQIScwlDmTOpbpTtyTkP0HYn9bHQqHRYbWTCn-XFVX6McD27OY_f5V2wnXYtHPxaUWhgoD6LcVLMtx2itrklgkiBMCvqSLA5bvXypJywVGudc1BLSF3ucaFWZ0cbDdLB9CHfH5UA61CYJZgBeQT2tMhOmVlZZCuvBX_BQIfAN-4muzIU2GPEIyNZShqH7XD9jqdlG3n-zWZlv-DhsPEnQbiCLf9by6lDEw9Slp3YuezITRCc7WCcuXGNwrtowdJPvY_fbYU0TDxm1Qdymzw7EjhtFAOPh7cP73eOKJXp9lMHEUt3WZs2H9e_XtBOAyR56QdR9wMHlODTm9lU25wkUudg9RxFTm9cPYXSG6Woq4JoFuzbLPFF8BFvqB4DlfdB6mACC5UmIuWZHOGAbGnmpQ5bexACOVeJL48reWcE54u9H-eg99BndjMvLlXo8HMYB-5MNFcQAnmIPftPNXzOkoW7KAnEWxMBwcvlOhblxiCZ_U0BJaZ9KVOC_jvl7MZ3EL1pT_6zWEouOBbzpAtBo_a2NOPKA6vd9NypI5wxiKfUYfq_2QE04hRm0SdPRL3seNozXjRAeXGSvC27r6GPiEDHN-aN1VA3i5mgLYU1TRNrZuyzU8a9-uPtIqo6hhB1_2cmB7LH-0e3QMvLLnvTNSrW4G-Xhd2UbrnElzft4hdnvV39TP_5gRgUcn6CsB8tPfHX1jmRtpnUf_zQnOApR8wvf2DbOevAdhs67f2YfVf6u5hjs4qttY8AMPohl1FGB7n_bTlJLk4nn-aTM4T-nN3vQTpShu0n-2sbqs0blkjyb2tnK33I7dfSpDG0OU5PhwAgtLm8r55O77vrDH11UHf_vLjz4RVNI_3l6674KZp3q__yXcqXTLh_Er1BbBS0v6uTFIyYxcDitjrCVf7IJKF_EUq0VKeXstHgs9uDnyXrihLc_OW82DGUkcws2Zhzw6schHi2KUY9svk5L5xwsoEJokVQ4T-J-pbzi9rihAJPoP8G1y8G0cBCZqNyaZrSTR8tDvStzIC9e4ju7QehIfUAMj8I3XitdiAeEghOp0VLF60PpkORx7bMaejh4huBCNKxcds57E_YmPAD41N4qJTt9yjWRiamXaLEVO627uxZEbLXR4ZiQgIJd8p6RAD2-_QgrObj4w2vsf7deipY3E6iuMIk54e66j9YdZTm4tfFSSy5YPKvKszxWd6u7YNtX8qx9-gxfirsX6fAByIuNfnkVEGf7JOSHox9Gw4TRof8j-YnefreBwJxEtQ4FkK-s5F9LaK6XwVkfWEaBG4VQFhNhUW_w3Lf3vFlHYNojsd7f-m2_FX2q5ksEcKcyttva1uoHPEdPqlvScKMqatQxB-kW_-MALX58Uqne5G1xbp1vAvjQBZIRRp8BGLQE3jXoB31jNA0VLMv0_aql6kVfCedt0KT3EHB63ZWl8pG-91fxpJ0d5KQktTm9Ch-BqVuvDGqSxQb63BWWrDca3oDuucfBkzuV_R0t-ceebc9x0MjzIkRrSGT558lJbKkm0wyyTIa-CrgVK-A-9BS9kNE1yiVRMIX2fvCyqO2BupiZkFmPftK6G5qUTBTI6PcYnQDQhLHotrVGc1nrdhcTTtoj_DvMpAtUOYAB27hx5YqzkS9A5eDXYvnSHuRCDj0QNBLfz1dIvG9pDrfEFu_y0Vt8bQNONGreTUTQTJDigYotqtGHhHrnzZKbEWKMDwedT1QTEE90MdV2eXBAR6XlLRzuqh531ywE9n20I6HyPf3Tn7IwzGzjHSG87tHroy0r09P7siF7r6UsD3vgypZljxm5lk85a-tGYi4IzDbnfYXUyGM95oq_MucDcAxigEmbRIRSejfXzUJvRCSJB&cid=CAASEuRoUupoPay68cqRDTbaHLTXJw&rfl=2%2Chttps%253A%252F%252Fcliqueaqui.bio%252F%240

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0ef6db2d78dc06e456309758ed57be09a36500e96755cddbad58333119fad75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 8436 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:54:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 8436 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:55:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8436 140 KB
44 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8436 42 B
63 B 52ms
51ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAfpW7OfLUgDedhhwiVA9fGd0t-Lu20D3-mtApHbP7aqbP1cVdrn1pItrFI-Nsy-PAxgLVWmp3DKEPHOnWoWHib9DPLU8aTtlhvggeB-p2Tr3VyP4

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 54B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1

43 B
909 B

123ms
94ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNX_JdjVfHi5ufXxpebzH7lwyQFRoZJL4s_jB3Vpzw5DFnbgsMNLQEzbWkHDOWuwXeQj6hikgMMqc7dpPZ6fOPsqrJ36QlSAJqLtv1hDWZSMvVQQZ-7zxut82cqfdVbkJuWWv0paM0oS6VQs9rIeqCCr9iz3EFuc5Jr9JJMnpi9HF9yl0_c
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73ff59d08942d3cc-CDG
pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0AMkFn9lGr1E1Q7LfWb4y1%2FHaL104Aj6i5clL3H9P8JKciLJT8wDcrESjtSmD8g%2BVJ%2BO3VdH0eg7QaUm3MUwJ13veVT5H9gwLiNGoSMwQAiPCiC44TWiMMXVOsJBACoaJaHQ4myu%2BPwdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 54B4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwafEUq3vSeozBvOGYNVywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1

43 B
913 B

54ms
53ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNX_JdjVfHi5ufXxpebzH7lwyQFRoZJL4s_jB3Vpzw5DFnbgsMNLQEzbWkHDOWuwXeQj6hikgMMqc7dpPZ6fOPsqrJ36QlSAJqLtv1hDWZSMvVQQZ-7zxut82cqfdVbkJuWWv0paM0oS6VQs9rIeqCCr9iz3EFuc5Jr9JJMnpi9HF9yl0_c
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73ff59d18b1bd3cc-CDG
pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3zshS3TLmuzlCOdfKWdJDVSz1kC3EjVi4y0%2FrQS9c%2FB49vSa2lV8%2FxFXAYtSGJcw5CaWRQJTsl113wD6FCGkFZp%2BlBE2AuKXvHJA%2BYJ4AsVdZWUhnqRYX2iHvJgMOy4KV0JIDB5mm1r0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpIAd6bxGhdEIUl1O0nbX8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 54B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH8O9hAXm11ZXez7dWjgczk&google_cver=1

43 B
1018 B

48ms
18ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH8O9hAXm11ZXez7dWjgczk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNX_JdjVfHi5ufXxpebzH7lwyQFRoZJL4s_jB3Vpzw5DFnbgsMNLQEzbWkHDOWuwXeQj6hikgMMqc7dpPZ6fOPsqrJ36QlSAJqLtv1hDWZSMvVQQZ-7zxut82cqfdVbkJuWWv0paM0oS6VQs9rIeqCCr9iz3EFuc5Jr9JJMnpi9HF9yl0_c

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 21:58:42 GMT
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bd40ff93-f692-4ccb-93f0-d1d5f8681c83
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH8O9hAXm11ZXez7dWjgczk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54B4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0ODcyMzE2NzAwNDE5ODgwMg%3D%3D

170 B
188 B

60ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0ODcyMzE2NzAwNDE5ODgwMg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 21:58:41 GMT
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 52f00feb-c391-4b44-af67-1f794e83cd28
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0ODcyMzE2NzAwNDE5ODgwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7A44 8 KB
893 B 58ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 21:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Aug 2022 21:58:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7A44 2 KB
902 B 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:32:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 7A44 23 KB
9 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:51:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7A44 3 KB
1 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:54:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 7A44 17 KB
7 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:55:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7A44 0
0 31ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSloW7nRHZH6N2XV11svYO6PqCni7AHNCCFLpYxbiE-k5dVs4nioZt_kZGmdHIqPyZH0FsyHGkxBV8xZAnRxFzfdL-V9A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A44 140 KB
43 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44049
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661168302676581"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 21:58:41 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 7A44 33 KB
13 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 22:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 22:40:08 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 8436 236 KB
70 KB 195ms
39ms Script
application/javascript 52.19.54.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.54.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-54-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7a7fc4fd1569286b87e4a95d3053a107c79cc600873c22324e18b1f6bbd2d9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8436 106 KB
38 KB 133ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 09:05:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 8436 8 KB
3 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5PxNalkEVbW7s_-jdpB9A_wkzRPJuoUKGVQoBPnbMcxgJCO1xIgEMtcsiKRdvwVTnClFuGgceEbGsccOrWbc-S0sOkHT7B04WVC1RU0h0Z9LwoL6szdT_KVYvQb3V6FDCIe2asdCZP8vVYHsXxtg-h5K1qw&dbm_d=AKAmf-A7vaUTp0n27ApryEd9Idg9CYziwftKoYwUN8xtPRJ7rup1WrdLlZ-0TkF9PjBqVvzmMlgeUPz_vNM75dsWjfDTiFN1O25sf6ZxiKH5Kp7SuOOPMLSp4oHLpdtorO_4Et74LEX0CFF5b2zqqWpKIbc-GIAWKv9onb2EG8O6o-D78HY20NBHIGiE-L6fuD0I_KHgNSm7WCh0_ViT6SBDLivVcb39vNspSiDTTXPP-plGXqxeAIfz6j3TEBphijWNcgC2qYhX5VNxjN6TxYdz-fvBJCUWf8WLNyrmsO-31p8V2q77YOQZtDVTvp918DTsIbFpav_BpDFrLNKDaMpoNrzynQ22WuHMA1_fQk-nelJl6ri0TMj9LCwKErYr0pc9wlla4wCrSbLgHjs0YIhNVm1A7ECpwJJtEcOI8HEH5tfNlBxDk2EXPk9IsZo1Xs_YQ7Ng1Al69Au8RP2Z8vzqLga8MWDq0sJjUm5DKGaspHkV2btZXB4wSNiJequwfKMQLMA8bIseJ0BmByuS_dyoBbGbDtQis0UmKO2PHuamh0tcNU52WiyEe5rLCiJWBXVovRcyRn6nYVo7TU5jTE0tIP-TpN5ClC-2pZRuTvrSB507PyzXzq4n-L2cqBVKCAVWq3_wqsPNPaRv_ET-ObBXer4FG7xYD5__jIzBwpd5pgc3dEgVdEiPS7ZjnjfbJ3XlZbcg8fGvADH3H7dQENnWS5j8Sat6UqLnVZxsVJJyVnoW-YMe4To8Wfob3kGBgHgK2UsLdjGWflv2BCck3mGKR1yMykSfNIafqZBTvH3zfvfO5VcMmgaCwWuAPscz5bJTrKfKO-3Fh-8TigoqhdeZQ83suoFvq7RmrhFrjMgnLi9fS4fIJHvSXNM4NEQ-rqOsz_C1S4HlW5MeTOyyZDPbAw8yScwjVsEYGp-gCS_JBc9jM05Cy2NA3MFyfbELJE9oACVccWY2BGWydW9VuLO7yPnmjgVbn6WVhRWNCy74wFc7PyMaE1rhUJ1vmtnx0r90h_NPyz73nB3jdui0Lzg-kzavnUdgJKlFp_PYcK6YauOI5pA2LWIRkWx8-jY3XP_gZHIaEOdeJHl5jCbmGvP_rne3R8WKua0r07Ur7FTrlIS6O-tdKfUjiELuCqEXYSu7xo-CiDeRlmF_uR1ppCvyD3SlijlYSs56RDvxvAhYTGeFxlmDk4O6dhvKQo3WuJKT0pbcB3Cm7H-yfedfkCYq7uOqsgANefvQ9VoIIlApHQw4Cw6xYceZCnRQBH94_PwkFgCLlVZS9hp8wzls9i8a7m1q0Up-TpIqeDuvKxDfKH3dZkc7lzaRhKJ2-YFQIScwlDmTOpbpTtyTkP0HYn9bHQqHRYbWTCn-XFVX6McD27OY_f5V2wnXYtHPxaUWhgoD6LcVLMtx2itrklgkiBMCvqSLA5bvXypJywVGudc1BLSF3ucaFWZ0cbDdLB9CHfH5UA61CYJZgBeQT2tMhOmVlZZCuvBX_BQIfAN-4muzIU2GPEIyNZShqH7XD9jqdlG3n-zWZlv-DhsPEnQbiCLf9by6lDEw9Slp3YuezITRCc7WCcuXGNwrtowdJPvY_fbYU0TDxm1Qdymzw7EjhtFAOPh7cP73eOKJXp9lMHEUt3WZs2H9e_XtBOAyR56QdR9wMHlODTm9lU25wkUudg9RxFTm9cPYXSG6Woq4JoFuzbLPFF8BFvqB4DlfdB6mACC5UmIuWZHOGAbGnmpQ5bexACOVeJL48reWcE54u9H-eg99BndjMvLlXo8HMYB-5MNFcQAnmIPftPNXzOkoW7KAnEWxMBwcvlOhblxiCZ_U0BJaZ9KVOC_jvl7MZ3EL1pT_6zWEouOBbzpAtBo_a2NOPKA6vd9NypI5wxiKfUYfq_2QE04hRm0SdPRL3seNozXjRAeXGSvC27r6GPiEDHN-aN1VA3i5mgLYU1TRNrZuyzU8a9-uPtIqo6hhB1_2cmB7LH-0e3QMvLLnvTNSrW4G-Xhd2UbrnElzft4hdnvV39TP_5gRgUcn6CsB8tPfHX1jmRtpnUf_zQnOApR8wvf2DbOevAdhs67f2YfVf6u5hjs4qttY8AMPohl1FGB7n_bTlJLk4nn-aTM4T-nN3vQTpShu0n-2sbqs0blkjyb2tnK33I7dfSpDG0OU5PhwAgtLm8r55O77vrDH11UHf_vLjz4RVNI_3l6674KZp3q__yXcqXTLh_Er1BbBS0v6uTFIyYxcDitjrCVf7IJKF_EUq0VKeXstHgs9uDnyXrihLc_OW82DGUkcws2Zhzw6schHi2KUY9svk5L5xwsoEJokVQ4T-J-pbzi9rihAJPoP8G1y8G0cBCZqNyaZrSTR8tDvStzIC9e4ju7QehIfUAMj8I3XitdiAeEghOp0VLF60PpkORx7bMaejh4huBCNKxcds57E_YmPAD41N4qJTt9yjWRiamXaLEVO627uxZEbLXR4ZiQgIJd8p6RAD2-_QgrObj4w2vsf7deipY3E6iuMIk54e66j9YdZTm4tfFSSy5YPKvKszxWd6u7YNtX8qx9-gxfirsX6fAByIuNfnkVEGf7JOSHox9Gw4TRof8j-YnefreBwJxEtQ4FkK-s5F9LaK6XwVkfWEaBG4VQFhNhUW_w3Lf3vFlHYNojsd7f-m2_FX2q5ksEcKcyttva1uoHPEdPqlvScKMqatQxB-kW_-MALX58Uqne5G1xbp1vAvjQBZIRRp8BGLQE3jXoB31jNA0VLMv0_aql6kVfCedt0KT3EHB63ZWl8pG-91fxpJ0d5KQktTm9Ch-BqVuvDGqSxQb63BWWrDca3oDuucfBkzuV_R0t-ceebc9x0MjzIkRrSGT558lJbKkm0wyyTIa-CrgVK-A-9BS9kNE1yiVRMIX2fvCyqO2BupiZkFmPftK6G5qUTBTI6PcYnQDQhLHotrVGc1nrdhcTTtoj_DvMpAtUOYAB27hx5YqzkS9A5eDXYvnSHuRCDj0QNBLfz1dIvG9pDrfEFu_y0Vt8bQNONGreTUTQTJDigYotqtGHhHrnzZKbEWKMDwedT1QTEE90MdV2eXBAR6XlLRzuqh531ywE9n20I6HyPf3Tn7IwzGzjHSG87tHroy0r09P7siF7r6UsD3vgypZljxm5lk85a-tGYi4IzDbnfYXUyGM95oq_MucDcAxigEmbRIRSejfXzUJvRCSJB&cid=CAASEuRoUupoPay68cqRDTbaHLTXJw&rfl=2%2Chttps%253A%252F%252Fcliqueaqui.bio%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:38:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 8436 30 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:41:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 052E 1 KB
749 B 17ms
16ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8436 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 640A 1 KB
749 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 403B 141 KB
22 KB 51ms
16ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12784067222800087067/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 20:27:30 GMT
expires: Thu, 24 Aug 2023 20:27:30 GMT
last-modified: Wed, 09 Feb 2022 10:31:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8436 0
622 B 135ms
61ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-1NwGi1Lg2RNMwnZc0j_9Fdhjc0R1KRILaOhkm5bWWI24_3109b17IzCkqCd-DBa8ASWawt3iNINmdDvZAnUOA8JJMG1rHLRpOYgnWVPJZo3vZ21IqsUUXyXP-oleQI-4kAo85kY5jEjKasQZDMWN4xsnhpQjxnvrajlY-ng0EXfpuhgrmkSS_XE0_XtikoQPjREwksn2H94NkZCHH1uXXAgYucwaV1AH9AD8I1UKZLmszRugKdZniD1X18ayP_f8PqbgZQjuLPv9roldxxNOGPKDa0xbimUVHxQeGy2im03VrBjtk-JV1P6kTnJklBpxBdbxbSIvJAT55HQEP3RCf961sNtUjIQaK8964-ZmlEruUSAAduvSj955BwmSkF7GlNpuWiqCxg0vUceForUmsU3drSSYn2MKmVQTLT68hT8hj6so4UAbxIgEag5igE8lR38LF2QnXVoSum7A-DwipjdMEp-LP6-r_dpC3KEyC3hGUBBWRGDYuSRKP29bh68cxUPcLA10UDC0zssSEQyEJjqe2r99p7e3EKvg19DcmB2YByk4ZI24aEOmtLE-AwHFJkq835w529VOad4QgnRBD3K7stYVmqWaBFKd3uWMWTX4fp0e7t_lBrYYPBi-1eW3NZyL3qAGFJG-XldB4d6ILc4FuYc5AVGyzc8yCUpkTsKVwnYEb6OMhcWUeRzx7h8DNcECIPINP7hRbYhkmb9Xe6JIAaejYDfQO-gvFF3VUtV_kG9-Gxa6MWSO7ClSWMgEYXbB4cV9bYOSsx47S9h7E_sIdMRNYaqVCxdpyngBIvjiLqPYrBR5iKQFnUrbtkaXjSxK2EJs9hCgODtIn-0SZJ93ySDtMkRbuC91eAZLLCzjgXKkK-deXO2FLFfYQ9mcKATZ4FxRcJOuJ3kQ7nbM1R598Is5MzwiciQ5XRSwqsuv2jfty6vFkwcUq-Nwa1u6QjLuVczpOrEF8NLvd5IJ2P2WQtRWFtGRniejI8liJJZjfxVVS1scuxm45aCNuvK6XGIeSuQ9hcj5v8CpjnaKWDn9Hp5bl7-WgRHfUsUJAlenv87kGdz5w637itN5TA0LVDLECdK3QgTyi6o9PDyeS_REgNoEgZl8OP1zTD8CO96Vd4VSJ6SaD134Jr_29pXLPZumSRe-EMO_Xh9mpRVxWYjaSyvX-4xUK7BRQv2zCB3DaZAq3pC2l6yDWIf03jD1HnLvsn308LZYbnP3z6WLFirDg1kaY5O5odGWNgG4XEuc&sai=AMfl-YRYaYRVz65jsn2T6q3rtJ4l4UHxWzEE9hIZddy07P9qr88_PGFNKZ693xzCEIDvYSd0EzicBI0alvDn3kxXQmbDuUJn3rtmHfrwUO1hLPZ9MQihzD47DGsEzhcg2gnN0hHXNojHD6VpleInZe-_impQ6Q5L6A&sig=Cg0ArKJSzPLokPVGt9vDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=222&cisv=r20220822.73261&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 24 Aug 2022 21:58:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=3184715318203240&bg=!MzClMHTNAAYUOm8VNDo7ACkAdvg8Wjhjm3RWNuYnT1sUTdjswi5y7C6jTYUQnF4mivkkJB6nkW7NlwIAAAB_UgAAAANoAQeZAs4D2BjtoMvjH6K2KXVpwc_XSiUEfJtNU7llE9mZzhgMCTLoRllr4bGupJhz8racPpC3N3d55GKlOFnrSqxHI6JW-nF8UyTqfN4IsQjz77raCraFMdNQoFt9gUvLihggbCF0oXvYJJDPhB2frhgnNQDqLgpExwU7M5vQpgTHA_aRm_wJLHe3vsyWW6Pwo6mcH0aSCHrjd4aYlvx9Yq9mI0bSyF_Q_bRbhrSsK4JsvHiOZcXPJDYssPjZKAKp_NNAUlahpGuswGiFp8l8cUc7Z7zU1Ss1tLEHMSNsABbe3ECeX8GcIFkwwfoq7wGAnqv_ze5dGEW_UEVaZiprl9CkbW9VX3XM5gUy9zb6wZlSKilclc4MAVO631Zx9QbLfKBm9zug-jdSFnNBtNOqFbqFkFzfItlW1NTPzoM-kvTdBG_JQSnlDhXM8WG0aRsU7ipW6UvQvI-KtPoaWh6fs9p3ZXilv9KOT3Wodpdky-NgI2TrySver2R5zvVbI9KaZK3rswiRwLqg7QAtMvy8YZvjpHeWpgYJklm5n6Ww0EMP0AYbCqxyVv_BkkIK-X-hCXunwfdfr8RnIE0__IPlR473FI4NhakqRpZO2sfXgsKgfTCT1YvMm2LfZqFMWVG7r5Nf0-DwyecY1fZwV6XaSCmeHAFb3JZ2Ow8MnWJgzd92Kx6TpWW_VzuMYiYbmCNDW9l63JcAOsxtT_ySVU4WToODWk3lcevEWoAbqWDeieNpWn1Gax51_Ro_NVqisK9X7ofBGjaqHj1YwWBF08ZhBGhTyRXC9WimdU77lMTufe_osAEVJKxYyCJ9XjQDUUpWwU64qXGgk1Vjm3NAsQJsw13B8Z0dLHJ9l8KV4kyciKkSIW3lcwRTQ_NnTWWK2eNIUd_6-DozlPSOMfbXUheqbXEJnNr_YzgxzydHJy5dddmXcDv7vK7cb1r6vU8Tl9hkT2oa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel.css
clickbusters.net/themes/altum/assets/css/ 47 KB
6 KB 72ms
34ms Stylesheet
text/css 2606:4700:3036::6815:1dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clickbusters.net/themes/altum/assets/css/pixel.css
Requested by: Host: clickbusters.net
URL: https://clickbusters.net/pixel/rnsy4iuoz237edmikzhprm5j1xb46nxq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9027b3e1ae3851ea9a42bba4a7f24f4e0d24d9e6e7279f0cacce816aecec0a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 12:24:21 GMT
server: cloudflare
age: 206283
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cc0hOvKAPDui%2FWkkv6sajK3u%2Bu%2F%2B4A5vBLGJIgNhdkRixr8LA969MN0ZvoqibMS9XPbue3gD8dnoiNBBNhgn8%2FwicROayDQkIftHscLX9UVy8pORd7GXPgcjGDX6Mgz54gWmMtpQSoF1TB51Wrzx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73ff59d12a1fbab8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 21 Sep 2022 12:40:39 GMT

POST
H3 200 rnsy4iuoz237edmikzhprm5j1xb46nxq
clickbusters.net/pixel-track/ 0
528 B 860ms
823ms Ping
text/html 2606:4700:3036::6815:1dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clickbusters.net/pixel-track/rnsy4iuoz237edmikzhprm5j1xb46nxq
Requested by: Host: clickbusters.net
URL: https://clickbusters.net/pixel/rnsy4iuoz237edmikzhprm5j1xb46nxq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cliqueaqui.bio/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWUVw%2F96zsOf3kLPtAKzdFg%2FgtMwEPGHW8hyT%2BV8sc9SwaJoBYZm3E2XiErcUrKV6U5pYaHFCsWv5XtIY3LPxE8o91Seq%2FPCqpWVKSOLFQLYBNGOB3ZmleUjP4prCx%2BGu2xBzulPs9kMnZnLfFJF"}],"group":"cf-nel","max_age":604800}
cf-ray: 73ff59d12a20bab8-MXP
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1EEA 22 KB
8 KB 18ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 482865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:50:57 GMT
expires: Sat, 19 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 052E 35 B
462 B 130ms
18ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOkgzvd4DDxZzf9qTO9oREg&google_cver=1&google_push=AehlK4A_cu9IXSnRq4WyKFcCay8lN-CvrMGexBPwa4UrzPKs3KrSl4k_cjKOiCnqvo_0ht1cK7ViSoWnJYxUm4QLe-H1r39ElQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 052E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGHPxOXVVexFaGWF-19HSN4&google_cver=1&google_push=AehlK4BNsplDVNAuP3-TOlxy92BDJJHKHTJsAKMeH3-dYEgYXUTD1lCEHL3MbYLo_jPqZOB5Bq-9VpTyxj3dri_Moec5nXqCg_g
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BNsplDVNAuP3-TOlxy92BDJJHKHTJsAKMeH3-dYEgYXUTD1lCEHL3MbYLo_jPqZOB5Bq-9VpTyxj3dri_Moec5nXqCg_g&google_hm=Q0FFU0VHSFB4T1hWVmV4Rm...

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BNsplDVNAuP3-TOlxy92BDJJHKHTJsAKMeH3-dYEgYXUTD1lCEHL3MbYLo_jPqZOB5Bq-9VpTyxj3dri_Moec5nXqCg_g&google_hm=Q0FFU0VHSFB4T1hWVmV4RmFHV0YtMTlIU040

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 21:58:41 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BNsplDVNAuP3-TOlxy92BDJJHKHTJsAKMeH3-dYEgYXUTD1lCEHL3MbYLo_jPqZOB5Bq-9VpTyxj3dri_Moec5nXqCg_g&google_hm=Q0FFU0VHSFB4T1hWVmV4RmFHV0YtMTlIU040
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 052E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4D18YB7...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4D18YB7...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjQyMTU4NDIwMDAxNzg2NjUzMjIyOQ%3D%3D&google_push=AehlK4D18YB72RJrOdRlL54hONeHR5CtHeBzRbCnREZ0WlMR90SBolwlTf3gR7JWQerhww...

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjQyMTU4NDIwMDAxNzg2NjUzMjIyOQ%3D%3D&google_push=AehlK4D18YB72RJrOdRlL54hONeHR5CtHeBzRbCnREZ0WlMR90SBolwlTf3gR7JWQerhwwdk06AncApcAG02uJA1uf0H1vb22n4

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MjQyMTU4NDIwMDAxNzg2NjUzMjIyOQ%3D%3D&google_push=AehlK4D18YB72RJrOdRlL54hONeHR5CtHeBzRbCnREZ0WlMR90SBolwlTf3gR7JWQerhwwdk06AncApcAG02uJA1uf0H1vb22n4
pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 24 Aug 2022 21:58:42 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 052E 43 B
349 B 73ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFvdc2FkdpuUikMTCuVCayw&google_cver=1&google_push=AehlK4ARqaH6sLfnvkC7FhUjhd6Rf9TxLDKdcWlq-qt5By790CxQi2SyE8tSiREXihSvd6LLMPQ7eA17tIo_J1kbSSuFcSxrLKU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cu2233ckfc8f5rssid7hsai0tb8hioca

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 052E 0
166 B 118ms
27ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHsmOTqETYiEnkZsVr4kh9M&google_cver=1&google_push=AehlK4DZjE49dN2LNSKXYZngiHAnpLxJHlTFevEtqgya5R0CGKt9GvBdd7GYAjT-3ubLzDJ-EWaZ-3tkVufnI6OMfNjOElkPPg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 052E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP18IgW0O4oZ6mL_94TiNdY&google_cver=1&google_push=AehlK4BXO4d9QPrY7wDjbfnw8eToPaPaIA-ddkDqylsxeHFEePOZjtnazViDhAqPvzL7hTrX3-V...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMVktN0NISQ==&google_push=AehlK4BXO4d9QPrY7wDjbfnw8eToPaPaIA-ddkDqylsxeHFEePOZjtnazViDhAqPvzL7hTrX3-VV3rZaBRQ6359gM3ge7RFMt98

170 B
188 B

27ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMVktN0NISQ==&google_push=AehlK4BXO4d9QPrY7wDjbfnw8eToPaPaIA-ddkDqylsxeHFEePOZjtnazViDhAqPvzL7hTrX3-VV3rZaBRQ6359gM3ge7RFMt98

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMVktN0NISQ==&google_push=AehlK4BXO4d9QPrY7wDjbfnw8eToPaPaIA-ddkDqylsxeHFEePOZjtnazViDhAqPvzL7hTrX3-VV3rZaBRQ6359gM3ge7RFMt98
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 052E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4AC0AiNKOl3VIBW_2hfYluSm0tqyYQ_w...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4AC0AiNKOl3VIBW_2hfYluSm0tqyYQ_wGfp1P9aV2XjA0fQo9dNBwdzGiY1SVW3v6GBTxAlTmYkQE9hpmdseBirOwyADSg

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFQt2hG9B36AJE3dt0fYS2L%2BWGiGgUmIb3j3l%2BF4p%2Fd1K9WUTLt829DwZnO4hCcKaQVHwjrlE9IXNRcecOtJ3jFkDMAO%2BfmrVA2bcRgFxAtMPI%2FF8mb7tZUUfrua8mFAhLfAt7tTxTT5WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4AC0AiNKOl3VIBW_2hfYluSm0tqyYQ_wGfp1P9aV2XjA0fQo9dNBwdzGiY1SVW3v6GBTxAlTmYkQE9hpmdseBirOwyADSg
cache-control: no-cache
cf-ray: 73ff59d16dd2923b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 052E 0
12 B 23ms
22ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JjGkyWPqXdGBMThQ_p_6qY_-XVIKFwiGDkDrTdrddonsYtJtXyKaA1O8Eg7prE3lXNxH5O

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 640A 35 B
463 B 116ms
17ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOkgzvd4DDxZzf9qTO9oREg&google_cver=1&google_push=AehlK4B0KhOTpcdPKMm3rcFjXsG7YX8HMFQZZ4WDit-wQg8PtbCaza-8J37Zj1trWPjJ3xKJn8zPWZxa6DIsk-v3gM1b1HCNo6XT

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 640A 43 B
356 B 134ms
32ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGD-emUaXOlS_tzHuTwzFco&google_push=AehlK4DKg269mJLP_oJnB3Ahz7o686wMH5myVPcBxLy0t192Row3eUfGeRgaY50BIx2kINnGPYFBUZi-YD9OeKAgOp8hr3aD9d0w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 640A 43 B
135 B 62ms
26ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFvdc2FkdpuUikMTCuVCayw&google_cver=1&google_push=AehlK4CfqlBmy0xDGhr6hvX2lQSn-iNcxSNHKVsS0KINRVBsyoncGpOJXvIe60F12EeM1GbU9GeufzC-9qxd1UjaYTLlDLxDVc0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n9bn1ctpbr8t77f0pfl4hvmf1a163ejf

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 640A 0
41 B 106ms
27ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHsmOTqETYiEnkZsVr4kh9M&google_cver=1&google_push=AehlK4BhGPvvWNJoASXjhsCObqRNGKwd5d94ff465nHcJk5BnVMZVn0pGOpKZb1JoNghPFwP1OZQ-65hg3_ctdj0QxcbyYlEXSJx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 640A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP18IgW0O4oZ6mL_94TiNdY&google_cver=1&google_push=AehlK4CzPMYpp4Np6f-y8-RZPJ9DujbHyKMMXScP7BBYCWitsNxEdPiO9DgRHyKv0-Plc-5hmPs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMUotNFhWSQ==&google_push=AehlK4CzPMYpp4Np6f-y8-RZPJ9DujbHyKMMXScP7BBYCWitsNxEdPiO9DgRHyKv0-Plc-5hmPstKsES1oyJfCnJnuwrN-EeVjHM

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMUotNFhWSQ==&google_push=AehlK4CzPMYpp4Np6f-y8-RZPJ9DujbHyKMMXScP7BBYCWitsNxEdPiO9DgRHyKv0-Plc-5hmPstKsES1oyJfCnJnuwrN-EeVjHM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4NVI5UTEtMUotNFhWSQ==&google_push=AehlK4CzPMYpp4Np6f-y8-RZPJ9DujbHyKMMXScP7BBYCWitsNxEdPiO9DgRHyKv0-Plc-5hmPstKsES1oyJfCnJnuwrN-EeVjHM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 640A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4D4bm3yvYUM3d0911ZnZnbq_aMmVtZY6...

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4D4bm3yvYUM3d0911ZnZnbq_aMmVtZY6pFHeoQQMrn_gP9n-WZuONPTj2OaisLLaCYTnd8HYuNV49TLXRQBxWiwysqO0gBS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KafgZ3uedJax2eXIV6PAshpuYJN6%2B7TFhwpvpiJgtn7XQR493E0um0OOT6egyBpoiljoxqmou4Y%2BwgGKZ68of5JjkKxbpOryS3Yc%2Fgj5rH2DW9VLhds5%2BItu7NVNp4qCSrrHUics6unKUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_rnkXx2sxsqp1_8mS6ND4&google_hm=YwafEUq3vSeozBvOGYNVywAAFDwAAAIB&google_nid=index&google_push=AehlK4D4bm3yvYUM3d0911ZnZnbq_aMmVtZY6pFHeoQQMrn_gP9n-WZuONPTj2OaisLLaCYTnd8HYuNV49TLXRQBxWiwysqO0gBS
cache-control: no-cache
cf-ray: 73ff59d16dd5923b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 640A 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 640A 0
12 B 28ms
26ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKTQw2tNAVUClIUqBBl02QS0JlDuCFKGmDSXF-f8zli0JWc2e6kLHsuq76HfP_kqiIikOpIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0570 36 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 07:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 07:47:41 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 8436
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_EZ8GY-...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

85ms
21ms

Script
application/javascript

2600:9000:21f3:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:21f3:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 09:42:56 GMT
content-encoding: gzip
age: 216947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 22 Aug 2022 09:42:51 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: 2V7Ev0h1pYaSOwq2q1CGzR0zwlYXy7sH
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: iNC5NBde5yE37dgvKDB4-4AZki7dARYEdOm2aewKZizM9Lw_pO1Tkw==

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame C719 80 KB
21 KB 115ms
20ms Script
application/javascript 2600:9000:21f3:8000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 8688249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: PcVHd06lD3gO9z5rJ9IGcejx6nqE4mstAl_bYEDpa174vK_Yni1FmA==

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EEA 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 07:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 07:47:41 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8436 43 B
215 B 382ms
102ms Image
image/gif 2600:1f18:1aca:4281:a87c:4247:778e:2c46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=bedceda3-2671-2b9a-d8fc-ea93d02161b6&tv=%7Bc:mfrunX,pingTime:-3,time:59,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:59,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tft4798+11%7C12%7C13%7C1411%7C1412%7C151*.987057-61527017%7C1511%7C1512%7C1513%7C1514,idMap:151*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a87c:4247:778e:2c46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8436 43 B
215 B 379ms
102ms Image
image/gif 2600:1f18:1aca:4281:a87c:4247:778e:2c46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=bedceda3-2671-2b9a-d8fc-ea93d02161b6&tv=%7Bc:mfrunY,pingTime:-6,time:60,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tft4798+11%7C12%7C13%7C1411%7C1412%7C151*.987057-61527017%7C1511%7C1512%7C1513%7C1514,idMap:151*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:cliqueaqui.bio*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a87c:4247:778e:2c46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 403B 29 KB
10 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 21:22:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8436 43 B
216 B 364ms
101ms Image
image/gif 2600:1f18:1aca:4281:a87c:4247:778e:2c46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=bedceda3-2671-2b9a-d8fc-ea93d02161b6&tv=%7Bc:mfruoe,pingTime:-2,time:76,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:376,beZ:377,mfA:379,cmA:380,inA:380,inZ:384,prA:384,prZ:391,si:399,poA:401,poZ:422,cmZ:422,mfZ:422,loA:435,loZ:438,ltA:451,ltZ:452%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tft4798+11%7C12%7C13%7C1411%7C1412%7C151*.987057-61527017%7C1511%7C1512%7C1513%7C1514,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:51,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a87c:4247:778e:2c46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ds2elrrTizg Show response
www.youtube.com/embed/ Frame 75D3 63 KB
27 KB 135ms
82ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ds2elrrTizg

Requested by

Host: clickbusters.net
URL: https://clickbusters.net/pixel/rnsy4iuoz237edmikzhprm5j1xb46nxq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92387b0fa458cbc2936dfa00b47d86b0fe4e71ddc61965504a759452513e9e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cliqueaqui.bio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 24 Aug 2022 21:58:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8436 0
26 B 86ms
53ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-1NwGi1Lg2RNMwnZc0j_9Fdhjc0R1KRILaOhkm5bWWI24_3109b17IzCkqCd-DBa8ASWawt3iNINmdDvZAnUOA8JJMG1rHLRpOYgnWVPJZo3vZ21IqsUUXyXP-oleQI-4kAo85kY5jEjKasQZDMWN4xsnhpQjxnvrajlY-ng0EXfpuhgrmkSS_XE0_XtikoQPjREwksn2H94NkZCHH1uXXAgYucwaV1AH9AD8I1UKZLmszRugKdZniD1X18ayP_f8PqbgZQjuLPv9roldxxNOGPKDa0xbimUVHxQeGy2im03VrBjtk-JV1P6kTnJklBpxBdbxbSIvJAT55HQEP3RCf961sNtUjIQaK8964-ZmlEruUSAAduvSj955BwmSkF7GlNpuWiqCxg0vUceForUmsU3drSSYn2MKmVQTLT68hT8hj6so4UAbxIgEag5igE8lR38LF2QnXVoSum7A-DwipjdMEp-LP6-r_dpC3KEyC3hGUBBWRGDYuSRKP29bh68cxUPcLA10UDC0zssSEQyEJjqe2r99p7e3EKvg19DcmB2YByk4ZI24aEOmtLE-AwHFJkq835w529VOad4QgnRBD3K7stYVmqWaBFKd3uWMWTX4fp0e7t_lBrYYPBi-1eW3NZyL3qAGFJG-XldB4d6ILc4FuYc5AVGyzc8yCUpkTsKVwnYEb6OMhcWUeRzx7h8DNcECIPINP7hRbYhkmb9Xe6JIAaejYDfQO-gvFF3VUtV_kG9-Gxa6MWSO7ClSWMgEYXbB4cV9bYOSsx47S9h7E_sIdMRNYaqVCxdpyngBIvjiLqPYrBR5iKQFnUrbtkaXjSxK2EJs9hCgODtIn-0SZJ93ySDtMkRbuC91eAZLLCzjgXKkK-deXO2FLFfYQ9mcKATZ4FxRcJOuJ3kQ7nbM1R598Is5MzwiciQ5XRSwqsuv2jfty6vFkwcUq-Nwa1u6QjLuVczpOrEF8NLvd5IJ2P2WQtRWFtGRniejI8liJJZjfxVVS1scuxm45aCNuvK6XGIeSuQ9hcj5v8CpjnaKWDn9Hp5bl7-WgRHfUsUJAlenv87kGdz5w637itN5TA0LVDLECdK3QgTyi6o9PDyeS_REgNoEgZl8OP1zTD8CO96Vd4VSJ6SaD134Jr_29pXLPZumSRe-EMO_Xh9mpRVxWYjaSyvX-4xUK7BRQv2zCB3DaZAq3pC2l6yDWIf03jD1HnLvsn308LZYbnP3z6WLFirDg1kaY5O5odGWNgG4XEuc&sai=AMfl-YRYaYRVz65jsn2T6q3rtJ4l4UHxWzEE9hIZddy07P9qr88_PGFNKZ693xzCEIDvYSd0EzicBI0alvDn3kxXQmbDuUJn3rtmHfrwUO1hLPZ9MQihzD47DGsEzhcg2gnN0hHXNojHD6VpleInZe-_impQ6Q5L6A&sig=Cg0ArKJSzPLokPVGt9vDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=478&vt=11&dtpt=253&dett=3&cstd=222&cisv=r20220822.73261&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: cliqueaqui.bio
URL: https://cliqueaqui.bio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 21:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 403B 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:04:27 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 403B 3 KB
1 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:03:06 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 403B 6 KB
2 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:04:01 GMT

GET
H3 200 head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 403B 12 KB
3 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3442
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:05:48 GMT

GET
H3 200 head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 403B 7 KB
2 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2321
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:05:48 GMT

GET
H3 200 728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 403B 38 KB
38 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:45:52 GMT
x-content-type-options: nosniff
age: 770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39260
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:00:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EEA 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGE8VEZ8GY-PMLbfZ7_UPy-SXgAcAAAAAOAHgBAI&bg=!cXKlcjbNAAYUOm8VNDo7ACkAdvg8WlkxfhSkd4dn1EzYwgkfNNMAduMZM892KKO9nsw0THBxojB2ZgIAAAB9UgAAAAJoAQeZAzAt_Yx7p3HWEejpanQqKBtxrkSqB0IaCe0HDD_YUmm4h4EJOcUT-czCjbsJwnshjONEgfcy5bS-RDkZJh9LYXeBG7dMevq6MdDc1lqY6TW274rF9DQOJP3TGwirMU4nGQWXwUeZbr1Scop-FYM5-JrgYYNX8diUT8WEojeJo1rno462t0vOssoTrtUKeSLtzm_alPYe1NWns0iwpXAhWbzVXAtjxtEeDpl0Z2ouJv0yqafs1V8NPjcvMYW-vkqexZFdHup45DSrypkqGM4Mp9jMkgF6j09WfMMRryDlqyiQL2PxG6CUS3I3lK6XxAQt2m1F9H8ftDnFqMdEhPs24I1X4dwENccIeODDFF3tOT4y9JN9SEje_CK6XCcXjV4v5CAYHxc-3sCW9H5JBc54TWnjJT5FPO5Gc4G1gaBZ7UCL1q-QYY7OD4yJtmeNQUxYHFBiInsCskuIE4OnhwXP08-TivoR_24h6X8Z5S0E--Hpg6qP-t7xugeHhM6YO2Mc2t_VzJBa6vpiu20ylLMeYmeVgH5_yFAv6zSpMOcqhuCWGoBTe95QHNHDiZvnqldz8wDsFi6uyyhoi2FHemas6TdbE3_zk2a1hClTMhQCI-nAiJGqanpU0xqy1H_6pB5EhgzXVASR40T7OB8ayl8gU51XJzQTEd2ZWFK-ACkw77iHVpOD0U5qNO_x-HOjFCfusoyjsD3b4ceCT6NatZbiI3FegFssUp4S2QclZzTSSt18CAomLWSxfgYXkxMyHPafNPKzzye9JE_yAfnD-r_HFZ9G_oYn0B12gtkzXkrTiguv1z40MJBOgWbfIIda2szGj6qyVvevTjEGB7oZtisr6DyW7pm_bjwUtkX9WFvbHYQ-Xt_5udEqgIF543I1BN1ssViLsFUAnWeU-Y1VNldzUORRf3HGPdaFZ9YoAGdbI1bAzOnoVyozXIiLNCn387y5g9ZZCeb9fxPpsngPbONpv3CMVmOUTDf2tSusg4379PiLXn7rB5t559jMwaAeSkC6oFWuX74dhukfu33i-Ch5bXz1L_oPYowjZmdPWuZl2Mkk3QQSXZFjSGeo-kD9S9id7no

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/0c356943/ Frame 75D3 343 KB
47 KB 49ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c356943/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

364effc0f6780744b78362bc58b631f3180e1efd8c7c448438734be8f2de49b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48154
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 00:18:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 23 Aug 2023 08:13:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 75D3 15 KB
16 KB 67ms
16ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 124837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Aug 2023 11:18:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/0c356943/www-embed-player.vflset/ Frame 75D3 308 KB
95 KB 61ms
34ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c356943/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

337884bd304a9eadbd690f69a2d5a316f922ac5edc1a0df1ff09f9ff305e6bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97490
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 00:18:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 14:56:29 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/ Frame 75D3 2 MB
572 KB 59ms
32ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4be5b8906e89dd9b7194a974706489fc0f3db359cc372a25a0f2997a33bb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585174
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 00:18:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 14:56:53 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0c356943/fetch-polyfill.vflset/ Frame 75D3 9 KB
3 KB 60ms
34ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c356943/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 00:18:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 14:56:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8436 43 B
215 B 139ms
139ms Image
image/gif 2600:1f18:1aca:4281:a87c:4247:778e:2c46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=bedceda3-2671-2b9a-d8fc-ea93d02161b6&tv=%7Bc:mfruwv,pingTime:-10,time:589,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1661378319534%7C%7Ccd52a6babbca9c4dccc9e5bd0395aec6%7C%7C5804921a8d3c64b26a083c50aad655e9%7C%7C6bbc31799b0d51668a83be76cd870ac9%7C%7Cc898c9c5088f086488e55c87b75a5dae%7C%7C569ae35a71f0b851f4b6bd46a2dba0c4%7C%7Caa5962aa9cb862a739de282c37465510%7C%7C80d66a7e09e32669d4ecd5f86de8bf68%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:a87c:4247:778e:2c46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:42 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 75D3 113 B
159 B 28ms
28ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d4ca686012600e73c614919aa6790df743d735e3648e413521e80d37f5d9f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 75D3 29 B
588 B 74ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:49:42 GMT
x-content-type-options: nosniff
age: 540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Aug 2022 22:04:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 82ms
28ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 24 Aug 2022 21:58:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 75D3 66 KB
30 KB 64ms
31ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afa997c6ca2f025f3bf1dbb6700dff3cd2c48a3f1ca5e95e32e14b90da097756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30874
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/ Frame 75D3 120 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea139b05849fb0c18025f93f427d3467c586bb57d3cae39f507146a55645ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37767
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 00:18:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 14:56:57 GMT

GET
H3 200 H7nvYvOfHnKCxYWMHscKykYq8uwe1E_aCBXglESdy34.js Show response
www.google.com/js/th/ Frame 75D3 36 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/H7nvYvOfHnKCxYWMHscKykYq8uwe1E_aCBXglESdy34.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9ef62f39f1e7282c5858c1ec70aca462af2ec1ed44fda0815e094449dcb7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 05:05:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14250
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 09:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 05:05:33 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/ Frame 75D3 27 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

778e8b6afc4d530e63e55cf31372946901d399bc72d84600bd109593a124b4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 15:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8283
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 00:18:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Aug 2023 15:02:00 GMT

GET
DATA 200
OK truncated
/ Frame 75D3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 olP02cmLLze0jxChuYrz0Mc18_znv_GJhwEvZvBFwFfoD6G-fQRzDZFo_760JZWEkBPGYO0w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 75D3 3 KB
3 KB 81ms
29ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/olP02cmLLze0jxChuYrz0Mc18_znv_GJhwEvZvBFwFfoD6G-fQRzDZFo_760JZWEkBPGYO0w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

efa0aef253460afa8720d2b055b8dace533546115024004b71c1bd7d3d925cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2662
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 Aug 2022 19:56:10 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/ds2elrrTizg/ Frame 75D3 10 KB
10 KB 133ms
78ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ds2elrrTizg/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71358b4761d146e1aca9bb2844225ebbe26a61c892c15df2c1962c899da2f522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9908
x-xss-protection: 0
server: sffe
etag: "1651249371"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Aug 2022 23:58:42 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 75D3 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Hlj0vQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ds2elrrTizg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ds2elrrTizg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 75D3 4 KB
2 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 21:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Aug 2022 21:58:42 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/104/ Frame 75D3 52 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/104/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15107
x-xss-protection: 0
last-modified: Mon, 30 May 2022 15:03:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 25 Aug 2022 16:31:27 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 75D3 98 B
142 B 28ms
28ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77adf412447c14344c0ea9dd4da8b80825daf2542409671c4dffa31c0c89b7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Aug 2022 21:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 24ms
23ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 24 Aug 2022 21:58:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 75D3 28 B
54 B 29ms
28ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c356943/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ds2elrrTizg
X-YouTube-Client-Version: 1.20220821.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtwYUVXVGtXa3hpTSiSvpqYBg%3D%3D
X-YouTube-Ad-Signals: dt=1661378319503&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKqOEgAXhECrjWrsMgKHllzfojKGglfNTFpXePWacJ29eI5PSaGhO5f3J56xsZXHJRqjQdEd0SXqOqyHTY13EGARxvmUvw

Response headers

date: Wed, 24 Aug 2022 21:58:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 24 Aug 2022 21:58:45 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 23ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BLV447KTTY&gtm=2oe8m0&_p=1224830487&cid=141008439.1661378317&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661378316&sct=1&seg=1&dl=https%3A%2F%2Fcliqueaqui.bio%2F&dt=O%20melhor%20link%20para%20sua%20biografia%20do%20Instagram%20-%20Clique%20Aqui&en=page_view&_ee=1&_et=421
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLV447KTTY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cliqueaqui.bio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 21:58:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cliqueaqui.bio
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDaGAq6o_sYfNL_M6gGHLqA&google_cver=1&google_push=AehlK4AMiwzMry1PjwYyHo1jmVKJFbTBpVnp3ZLd_Q9RhHDtXPKSCKs7ywCPwG27NDe7940VWOMxuQUZsZmKKOcRixJfF5-S-otE

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cliqueaqui.bio/	1969-12-31 23:59:59	Name: PHPSESSID Value: 69ff3271b6791dff9c4eafa0372ee68a
.cliqueaqui.bio/	1970-01-20 15:05:38	Name: _ga Value: GA1.1.141008439.1661378317
.cliqueaqui.bio/	1970-01-20 15:05:38	Name: _ga_BLV447KTTY Value: GS1.1.1661378316.1.1.1661378317.0.0.0
.cliqueaqui.bio/	1970-01-20 07:39:14	Name: _gcl_au Value: 1.1.684518468.1661378317
.cliqueaqui.bio/	1970-01-20 15:05:38	Name: _ga_3W7P76B7HY Value: GS1.1.1661378317.1.0.1661378317.0.0.0
.cliqueaqui.bio/	1970-01-20 14:51:14	Name: __gads Value: ID=6df3e00d42ed827d-22b32ba102ce00f9:T=1661378321:RT=1661378321:S=ALNI_MYDKvQOYl0W8IIHJav6Z9McU39eFA
.doubleclick.net/	1970-01-20 14:51:14	Name: IDE Value: AHWqTUn-rCVDIkjkzeKGIFKv1mRZiEx_mm25-J2VG7qRA5LbtlaIzFKZh6iRhMKJNOI
.adnxs.com/	1970-01-20 07:39:14	Name: uuid2 Value: 3548723167004198802
.casalemedia.com/	1970-01-20 14:15:14	Name: CMID Value: YwafEUq3vSeozBvOGYNVywAA
.casalemedia.com/	1970-01-20 07:39:14	Name: CMPS Value: 5180
.casalemedia.com/	1970-01-20 07:39:14	Name: CMPRO Value: 5180
.adnxs.com/	1970-01-20 07:39:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVKhc$$(!]tbPl1M>e)ZlrFUfJ+tGXxouOym5VDrrNsD<t]3U%KzL@iNii`dWaj_^%J83If)y3KL9D3I?+>lH4g2
.quantserve.com/	1970-01-20 07:39:14	Name: d Value: EEkBCQH3JoEA
.quantserve.com/	1970-01-20 14:59:52	Name: mc Value: 63069f12-2ccc9-cc76b-2658a
.casalemedia.com/	1970-01-20 07:39:14	Name: CMTS Value: 1171
.agkn.com/	1970-01-20 14:15:14	Name: ab Value: 0001%3AjJ8x792V5yh7Gs74IG0KAgni50kt6Z8z
.agkn.com/	1970-01-20 14:15:14	Name: u Value: C\|0CEAqmVuSKplbkgAAAAAAAQ13AQCAAQpAAAAAAA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: KYd9WNoQ4m4
.youtube.com/	1970-01-20 09:48:50	Name: VISITOR_INFO1_LIVE Value: paEWTkWkxiM
.e.dlx.addthis.com/	1970-01-20 14:59:52	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:59:52	Name: na_id Value: 2022082421584200017866532229
.addthis.com/	1970-01-20 14:59:52	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:59:52	Name: uid Value: 63069f125e3dc804
.addthis.com/	1970-01-20 14:59:52	Name: ouid Value: 63069f120001b4b5f714d09c8bc12e5b5d0bcec2263989eee114
.dlx.addthis.com/	1970-01-20 06:12:50	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:12:50	Name: na_sr Value: 20220824
.dlx.addthis.com/	1970-01-20 05:29:38	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:12:50	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDaGAq6o_sYfNL_M6gGHLqA&google_cver=1&google_push=AehlK4AMiwzMry1PjwYyHo1jmVKJFbTBpVnp3ZLd_Q9RhHDtXPKSCKs7ywCPwG27NDe7940VWOMxuQUZsZmKKOcRixJfF5-S-otE Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
clickbusters.net
cliqueaqui.bio
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
jnn-pa.googleapis.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
googlecm.hit.gemius.pl
104.18.19.126
142.250.181.226
142.250.185.98
172.217.16.194
172.217.18.98
18.195.201.66
185.64.190.78
2001:4860:4802:32::36
23.7.201.234
2600:1f18:1aca:4281:a87c:4247:778e:2c46
2600:9000:21f3:8000:8:48e:53c0:93a1
2606:4700:20::681a:77c
2606:4700:3036::6815:1dd6
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:806::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2016
34.98.67.61
35.186.253.211
37.252.173.62
52.19.54.25
69.173.144.139
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
06cd7cc7021bf6dffba812bae048e99c3c2da3f45219ca5ae07b714129001c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df4111bcafd67e886e85105020bd1838bf4b21b81f8f629f0e3ab41fd0631a0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1b4f8aa46535f75ec5cf282f7b8fc4acbc329d5892766f2adef2f6f5209086b5
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
1ec9adaf790ff95c3650b8fd8c47e457612907894aa0013a03c4ec856e86211c
1fb9ef62f39f1e7282c5858c1ec70aca462af2ec1ed44fda0815e094449dcb7e
21a6c327e51dde18dcbe2aa5b9a208c425180a35dce1be933ff57858898b3cad
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263aab4dfc3fb45c3b1b667ab35bdc102675d6a3e16a34eceddd4d3ae7c45e04
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
295c2a5486fa9dd0fd4e46cf40a18a8eb529d9244470713bca13dcedbf8850fa
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
337884bd304a9eadbd690f69a2d5a316f922ac5edc1a0df1ff09f9ff305e6bc7
364effc0f6780744b78362bc58b631f3180e1efd8c7c448438734be8f2de49b6
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41c59afa9ccf24a2abd5332f020ce8fdff8dd5b786f8e43d8c2379ab6021446d
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b7385d5d94a04b36543b68a5079a220ef00c0dd4f114b6390a9d9c9fa9eb96
56c6448c03e914d41abbdd7e515e74dd1da2beba37998d75b82af874882ffcbb
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
592a703f1344de86897f1daa608067df3692637054b03297c0e5c3babec9b916
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4ca686012600e73c614919aa6790df743d735e3648e413521e80d37f5d9f78
617cb99427fd3713919948888a3aa5ccc90b46f70aa87b090cf9e06f574256b1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645b54b527133d298ef127b4b3a29a42561b4166d1970cfbac3c45f3ab39dc78
66709134b78be33fa53bd53207197318fc0e44c0c12781382032df31d2dd7d88
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
71358b4761d146e1aca9bb2844225ebbe26a61c892c15df2c1962c899da2f522
778e8b6afc4d530e63e55cf31372946901d399bc72d84600bd109593a124b4b5
77adf412447c14344c0ea9dd4da8b80825daf2542409671c4dffa31c0c89b7fc
7a7fc4fd1569286b87e4a95d3053a107c79cc600873c22324e18b1f6bbd2d9a6
7c0476a0963f48ab7d40ef00cff0d04dc6df88406e90a931ba4d5ba3fb9195ff
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8225c63a27e7bb8459d4072a2f2f97bb03a0ed2edad34bbb9bbc4ed65006a449
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
84ec976cd756ca9d0a7cbe60a44397cf9190bbf6077190a4eb4a3446ee493f34
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b8d67bb20613f61cb8b8bc7292b623222e90654558a5db29eb20f1bf89ba7dc
9027b3e1ae3851ea9a42bba4a7f24f4e0d24d9e6e7279f0cacce816aecec0a46
9193ef2241dcb9e4104e74ab1d822ad3e5628a17177060b6393235ecc1d32fab
92387b0fa458cbc2936dfa00b47d86b0fe4e71ddc61965504a759452513e9e6c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
aa4be5b8906e89dd9b7194a974706489fc0f3db359cc372a25a0f2997a33bb6d
aef771d2e517167fe65b281ebbd263d11f079c3a07e91d022a7d1e79d558d7c6
af38c0bd61e5c52eec6d1cd41c6a02851179d2e340224225334940d2ee485d3c
afa997c6ca2f025f3bf1dbb6700dff3cd2c48a3f1ca5e95e32e14b90da097756
b0ef6db2d78dc06e456309758ed57be09a36500e96755cddbad58333119fad75
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b75fc6b0e19ce6804a2a506bce19ed61f3c08f08c5f98beb16d6dd7277edc1b4
b7e7c43b6accb83ca7a569bc6d04d47e092cf9102425f805f1831b1b95623119
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1f5deeb70304ee2c72a71f4f164cb1f7f5be84b1e89e521f41d70e5d0c9dedb
c2700ba94d7de4fe015865897aa564f7d84c44a64919a486966c2295efd217b8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2a86e94eaa88ad4d08fd51eb63469b0849c3010872d3f3f3971fe51f1c98c01
c6e8acd31da37ad322ae9539ca10f4682b18aa453f889229f90ec6626dbfa263
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d5086584a19523daa99a88944c5bf8aeaa702c2869bd98319dc60187b3ac2235
d540d540aad503ba5101f39badde928f448b46bec380d4cf9ae719628b339f17
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e85841b3deb36a2ee107078d38d11b6efc001d365debdc74f84930c2d177d344
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea139b05849fb0c18025f93f427d3467c586bb57d3cae39f507146a55645ea7
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee2e67ec33cd1f8b2cad3a6e5802718ce289bfbd496ea34728024a829e4c0a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa0aef253460afa8720d2b055b8dace533546115024004b71c1bd7d3d925cd9
f11ac0486150681517a0bda16d6fd683928abf4c558405eeca2d323bcb7ee9bd
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f19494379f77b90c8ebe163f1133355e43bd363d67212ea6a18a9d441d2fa4
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fb4b6a1474bea608b2d961085e2ce759b9f4611179d28d6c20ffd4b0e77e58b4

cliqueaqui.bio Open in urlscan Pro 2606:4700:20::681a:77c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

92 %HTTPS

63 %IPv6

27 Domains

39 Subdomains

33 IPs

6 Countries

11245 kBTransfer

16473 kBSize

28 Cookies

4 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cliqueaqui.bio Open in urlscan Pro
2606:4700:20::681a:77c Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

92 %
HTTPS

63 %
IPv6

27
Domains

39
Subdomains

33
IPs

6
Countries

11245 kB
Transfer

16473 kB
Size

28
Cookies

149 HTTP transactions
1 data transactions